Linux Today: Linux News On Internet Time.
Search Linux Today
Linux News Sections:  Developer -  High Performance -  Infrastructure -  IT Management -  Security -  Storage -
Linux Today Navigation
LT Home
Contribute
Contribute
Link to Us
Linux Jobs


Top White Papers

More on LinuxToday


Monitor your system for threats with rsec alerts

Aug 24, 2009, 16:33 (0 Talkback[s])
(Other stories by Vincent Danen)

"In light of that, rsec was forked from msec and stripped everything from msec beyond the reporting capabilities. Rsec was first introduced in the Annvix distribution and is available for any Linux system; packages for CentOS and Red Hat Enterprise Linux are available from the Annvix RHEL YUM Repository.

"When you install the rsec package, it creates the /etc/security/rsec.conf configuration file where you can enable and disable any checks that you want. The file is heavily commented so configuration is simple. Rsec can also use rkhunter (scans for rootkits) in its reporting by enabling the CHECK_RKHUNTER test; this runs rkhunter and includes its output in the reports."

Complete Story

Related Stories: