LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 12-19-2002, 01:26 PM   #1
Cynthia Blue
Member
 
Registered: Dec 2002
Location: SLC Utah USA
Distribution: SuSe 9.1
Posts: 102

Rep: Reputation: 15
LogWatch vs. LogSentry (and security)


I'm looking into various security features to put onto my RH8 Linux box. I was considering LogSentry... but I already have LogWatch set up (came with the RH8 package) and I get an email every day. Would it be good to install LogSentry as well? Or are they mutually exclusive? Or would LogSentry be better?

I also want to install a Port-watcher (snort or Portsentry, not sure which). And Tripwire. I have Guarddog up, which is a GUI front for iptables.

Anything else that a newbie needs to know about software and security? I'm very new, and am looking for things easy to install and setup, which at the same time are secure.

Thanks.
 
Old 12-19-2002, 04:04 PM   #2
unSpawn
Moderator
 
Registered: May 2001
Posts: 29,331
Blog Entries: 55

Rep: Reputation: 3529Reputation: 3529Reputation: 3529Reputation: 3529Reputation: 3529Reputation: 3529Reputation: 3529Reputation: 3529Reputation: 3529Reputation: 3529Reputation: 3529
LogWatch and LogSentry aren't mutually exclusive. LogSentry has a separate word filter, which make it a bit more customizable, usefull.

If you're talking Intrusion Detection (IDS) there's only Snort. See here for my reasons why and here for an example why.
Some may argue Portsentry v2 is a choice, but it was still beta last time I checked.

As for integrity checkers there's Aide, Tripwire and Samhain to name just 3. What you use depends on what you're familiar with or need. Like some other ppl I favour Aide over Tripwire.

Anything else securitywise? Well, search the security forum for the reference list, or ask for it.

HTH
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Logwatch?? Palula Linux - Newbie 2 08-02-2005 09:14 PM
***logwatch*** LinuxRam Linux - General 1 08-25-2004 05:09 AM
logwatch GraemeK Linux - Software 2 12-18-2003 09:32 PM
Help with Logwatch/Logsentry messages jack101 Linux - Security 2 09-03-2003 08:49 AM
What's LogWatch and why is it there? Travis86 Linux - Newbie 7 12-27-2002 04:07 PM


All times are GMT -5. The time now is 10:01 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration