Linux Today: Linux News On Internet Time.

Monitor your system for threats with rsec alerts

Aug 24, 2009, 16:33 (0 Talkback[s])
(Other stories by Vincent Danen)

"In light of that, rsec was forked from msec and stripped everything from msec beyond the reporting capabilities. Rsec was first introduced in the Annvix distribution and is available for any Linux system; packages for CentOS and Red Hat Enterprise Linux are available from the Annvix RHEL YUM Repository.

"When you install the rsec package, it creates the /etc/security/rsec.conf configuration file where you can enable and disable any checks that you want. The file is heavily commented so configuration is simple. Rsec can also use rkhunter (scans for rootkits) in its reporting by enabling the CHECK_RKHUNTER test; this runs rkhunter and includes its output in the reports."

Complete Story

Related Stories: