[mdlug] Best Linux Security? Anyone use tripwire?

- otakurider at gmail.com
Mon Jan 21 10:03:39 EST 2008


Dead on Carl

Testing your system with tools like nessus, nmap, or even using toolkits
like backtrack
can help increase your comfort level.  Use the tools to raddle the locks on
your systems so you can get a idea what it looks and feels like when someone
outside raddles them.    Running IDS systems like Snort, or monitoring tools
like munin,  Getting a feeling of  your systems on a day to day basis can be
the best security


Pat Baker
VP MDLUG



On Jan 20, 2008 8:46 PM, Carl T. Miller <carl at carltm.com> wrote:

> Robert Lippert wrote:
> > Whats the best security system?
> > Note...I use Red Hat.
>
> The best security is a sharp, attentive administrator.  Tripwire
> is good for letting you know after the fact that files have changed.
> It's more important that you don't run services you don't need, that
> you maintain security patches, that you train your users well, have
> a good firewall, and carefully review the configuration of services
> and applications that you run.  My point being that tripwire and
> similar programs are only a small part of overall security.
>
> I have used tripwire in the past and found that it was more work
> to configure and maintain than I cared for, especially since it
> did nothing proactive to protect the server.  If you do want to
> monitor changes, you might want to look for changes in processes
> that are running as well as network connections that are made in
> addition to changes in files.
>
> I'm not sure which monitoring programs Red Hat recommends.  You
> might want to look in the Red Hat system administration guide
> to see what they support.
>
> c
>
>
> _______________________________________________
> mdlug mailing list
> mdlug at mdlug.org
> http://mdlug.org/mailman/listinfo/mdlug
>



More information about the mdlug mailing list