Monitor your system for threats with rsec alerts

"In light of that, rsec was forked from msec and stripped everything from msec beyond the reporting capabilities. Rsec was first introduced in the Annvix distribution and is available for any Linux system; packages for CentOS and Red Hat Enterprise Linux are available from the Annvix RHEL YUM Repository.

"When you install the rsec package, it creates the /etc/security/rsec.conf configuration file where you can enable and disable any checks that you want. The file is heavily commented so configuration is simple. Rsec can also use rkhunter (scans for rootkits) in its reporting by enabling the CHECK_RKHUNTER test; this runs rkhunter and includes its output in the reports."

Complete Story

Related Stories:

• A Linux security story(Jul 17, 2009)
• Practical password security(Feb 10, 2009)
• How to: Manage Traffic Using Tomato and QoS(Feb 03, 2009)
• sudo: Running a Command with root Privileges(Dec 27, 2008)
• Editor's Note: Instead of Throwing Everyone In Jail, Fix Your Lousy Products(Dec 05, 2008)
• Hardening The Linux Kernel With Grsecurity (Debian)(Nov 20, 2008)
• Turn Linux into Fort Knox: 10 Tools for a Safer Web Server(Oct 09, 2008)
• Make Linux: Harder - Better - Faster(Oct 02, 2008)