Is there a tool for intrusion detection where a central machine is responsible for requesting clients for file and directory information and reporting changes?
Do you know of any open source package preferable are available for RHEL4 and 5?
I have recently been using snort but I need something ideally graphically based so that it is easy to use and find your way around.
Can anyone recommend an IDS product that has a GUI?
I downloaded the tripwire version 2.4.1.1 but after the installation the /etc/tripwire/twinstall.sh file is not generated after the installation. I checked the contents of the RPM I downloaded and the script is not there.
How can I prepare the cfg file without this script?
[root@user]# rpm -qpl tripwire-2.4.1.1-1.i386.rpm
/etc/cron.daily/tripwire-check
/etc/tripwire
/etc/tripwire/twcfg.txt
/etc/tripwire/twpol.txt
/usr/sbin/siggen
/usr/sbin/tripwire
/usr/sbin/tripwire-setup-keyfiles
/usr/sbin/twadmin
/usr/sbin/twprint
/usr/share/doc/tripwire-2.4.1.1
/usr/share/doc/tripwire-2.4.1.1/COMMERCIAL
/usr/share/doc/tripwire-2.4.1.1/COPYING
/usr/share/doc/tripwire-2.4.1.1/ChangeLog
/usr/share/doc/tripwire-2.4.1.1/License-Issues
/usr/share/doc/tripwire-2.4.1.1/README.Fedora
/usr/share/doc/tripwire-2.4.1.1/TRADEMARK
/usr/share/doc/tripwire-2.4.1.1/policyguide.txt
/usr/share/doc/tripwire-2.4.1.1/tripwire.gif
/usr/share/man/man4/twconfig.4.gz
/usr/share/man/man4/twpolicy.4.gz
/usr/share/man/man5/twfiles.5.gz
/usr/share/man/man8/siggen.8.gz
/usr/share/man/man8/tripwire.8.gz
/usr/share/man/man8/twadmin.8.gz
/usr/share/man/man8/twintro.8.gz
/usr/share/man/man8/twprint.8.gz
/var/lib/tripwire
/var/lib/tripwire/report
server intrusion: quick fixes
View 12 Replies View RelatedMy Windows VPS has come under heavy attack by hackers trying to get through MSFTPSVC for the past month and they finally managed to somehow get in 2 days ago. Somehow, the "Allow anonymous login" setting was selected in my FTP settings and they got in.
They even managed to turn off my firewall. I guessing they used a buffer overflow or some other Windows Server 2003 weakness that was fixed in SP2 (too bad SP2 is'nt supported by SWSoft yet).
The attacks began less than 1 week after I had signed up with Virpus. I did'nt even have my domain name pointing to the server or a site up when the first set of dictionary attacks began. How common is that 0_0 ?
Anyway, since I now know they've gotten in I've run a virus check and everything looks clean but I really want to run some kind of root kit detection software. I've tried everything suggested on the antirootkit website but none of them seem to work on a VPS.
ive just installed bfd on a new server:
[url]
And im getting the following in an email every 10 minutes:
Code:
/usr/local/bfd/conf.bfd: line 26:
: command not found
/usr/local/bfd/conf.bfd: line 38:
: command not found
/usr/local/bfd/conf.bfd: line 47:
: command not found
/usr/local/bfd/conf.bfd: line 59:
: command not found
/usr/local/bfd/conf.bfd: line 60:
: command not found
/usr/local/bfd/conf.bfd: line 76:
: command not found
/usr/local/bfd/conf.bfd: line 88:
: command not found
The email is being sent from:
Cron Daemon <root@hostname.com> (replaced hostname myself)
Now i know this isnt r-fx networks support but none of there support options seem to work so i figured id post here considering the amount of users that are likely to be using bfd (or you should be)
I have a client that is certain someone is trying to hack her web-portal. I need to set up something that will alert me on suspicious activity on the server. For example someone fiddling with requests trying to make SQL / shell .. injection and similar threats.
Does any tool (for example bash script with grep) exist that would parse the raw apache logs and report if something is suspicious. Apache logs don't show the POST data so I am talking to admin to setup dump_io apache mod that enables this.
Or am I going into wrong direction here and there is whole another way to do this? I searched the web and forums for anything like this and didn't find anything.
What DNS tool do you sugest ? Bind/PowerDNS/Etc ?
And where can I find newbie information about DNS set up?
I am trying to use free -m tool to check memory usage and I am having issues with understanding.
>free -m
total used free shared buffers cached
Mem: 1003 987 15 0 147 505
-/+ buffers/cache: 334 668
Swap: 2000 4 1995
How come cached value is 505 since used value is 987, does cached is included in used 987?
What is the best tool against spam for a linux server using cpanel?
View 8 Replies View RelatedI am maintaining a dedicated server ( which have apache,mysql,ftp,dns servers) for my organization , i want to produce a weekly report on server like,
1)Avg Server load for current week
2)Avg Memory usage for current week
3)No.of time apache,mysql,dns was killed in current week
As above i want produce a report ,How can take such kind of report from server? Is there is any tool for report generation?
Is there any tool available which can be used to check permissions of the folders and files. For example, if we run the tool on the server it gives the list of files or folders which have write/modify permissions for everyone or other anonymous users in Windows.
View 0 Replies View RelatedI have a customer who is hosting a website on a dedicated server. The server is a high spec server with Intel Core 2 DUO E8400 processor, 4 GB DDR2 ECC RAM and a SATA Hard Drive. He is running only a single website which has a data entry section. The problem is that a few scripts when run consume 99% of the CPU. In fact, there is a particular script which even if run alone consumes 99% CPU. The code retrieves some records from the database by running an SQL query. The code is never executed. I have checked the sql query in the code and it runs fine if executed in SQL Query Analyzer. I know the problem is somewhere in the code, but cannot find the exact cause. Is there a tool to debug the asp code and find out may be the issue with the code? I have tried the Debug Diagnostics utility,
View 2 Replies View RelatedI have several servers and I need a tool to measure CPU/disk/memory performance.
I no nothing about hardware (and I also don't want/need to know).
The tools is to compare only - I don't care about the measure unit, I just need a way to compare the performance between my servers like which one as a faster CPU and so on...
Anyone knows such a FREEWARE (and not bloatware) tool?
If the tool has some kind of hardware report... well.. even better.
as far as i know cacti is the only script that can provide logs of the bandwidth consuming per month. I need to know how much bandwidth my server consumeto avoid overage fees.
But cacti got php function that is reuired to be enabledand its pontentional dangerou to renable some php functions, so i prefer script that is more cgi or any safer script
I recently build a server. I was wondering what tool can i use to test the stability of the hardware and the OS. (Windows2003/CentOS)
View 4 Replies View Related[url]
shows time in which a file of a certain size is sent from a chosen webhosting server to several other servers in US, Germany, UK, Hongkong, Shanghai and AU.
I want a professional opinion: Can I, from Alertra results, make a conclusion about how fast will my site hosted on a chosen server open for my US, Germany...
I'm testing modsecurity2.1.0 and I want to find out if there is a tool that I can use to test different rules i will be using. Like a tool that can generatean SQL injection or some kind of DDoS attack so I can fully test the rules.
View 3 Replies View Relatedsoftware that monitoring an web site such as: I add an url and every 5 minutes he access the site if http server is down he send email notifications.
View 4 Replies View RelatedWhich free server admin tool do you prefer? As far as I can tell Webmin and DirectAdmin are the major players (correct me if I am wrong). I am the only one with access, so their is no need for other accounts or hosting sites from others.
View 5 Replies View RelatedI have just moved to a VPS server from my shared hosting server and I am suddenly finding it tough to code equally well by just using the vim command. I have become more used to the CPanel code editor probably.
Can anyone suggest a nice tool for the same. I have installed webmin, but its code editor just sucks.
What is the equivalent to yum in the latest Redhat releases? I just got a VPS but it doesn't come with yum.
View 6 Replies View Relatedwhere can I have free network monitoring software. because I want to monitor my LAN computers when they connecting to internet like wich site browsing.
View 3 Replies View RelatedDo you know Nobody Check Security Tool? Do you recommend it?
[url]
I am having a lot of trouble with spammers and hackers. I am currently hosting my site on a windows server.
[FONT='Calibri','sans-serif']What is the best tool that I can use to protect my web-site? The tool should be easy to use and require no JAVA or Pearl and other programming languages as I am not familiar with them.
i'v see a subject for Nmap tool and how to scan servers for any Vulnerability and ports ...
so please some Expert in this to help me in install it here ...
I thought I should share this among all.
You will find many Anti spam blocker tools available in market. I recently come to know about[url]
. It’s an excellent tool to encrypt your email account if you use to display it on your website.
Generally, spammers uses robots (some kind of crawler) to get email accounts from websites. Once they get it they start selling it to other spammers and will start sending spoofing emails.
This tool will help you to encrypt your email address and stop spam coming from your website
What do you use to manage all of your hosted accounts?
We have 2 servers, and about 95 clients. We bill our clients yearly. I cant seem to rely on plesk or cpanel for billing renewal dates, owner, etc.
IS there a program out there to help me see what account is due when, etc? Also who the owner is.
Ideally, Id love it o track by server, or view all, as well as show expiration notifications.
We are just to the point where managing these on excel is getting messy.
Do many hosters use Snort (intrusion prevention software) on their servers as means to raise security level?
If not Snort, what other intrusion detection/related tools are currently popular?
It would be great to learn the opinion of hosters as well. Early-warning intrusion detection could be very useful in many cases.
What tool is there for me to copy a lots of file from one webhost (FTP site) to another webhost? Like in for migrating to another host.
I'm thinking of a tool where I can specify the FTP access information for both sites, and it would perform the copy without needing to store the files on my local hard disk first.
