IDS mailing list archives
Solaris-BSM-like Linux Auditing.
From: Konrad Rieck <kr () roqe org>
Date: 09 Jun 2003 15:06:47 +0200
Hi *,

I am looking for Linux software that generates audit trails similar in detail and complexity to Solaris BSM logs. I am currently preparing my master thesis on machine learning in host-based IDS and would like to work with Linux instead of Solaris data.

I could only spot a few Linux audit systems [1-4], which probably can't mess with the Solaris BSM.

[1] SecureAudit, http://secureaudit.sourceforge.net/
[2] SNARE, http://www.intersectalliance.com/projects/Snare/
[3] SCSLog, http://www.suse.de/~thomas/tools/scslog/
[4] LinuxBSM, http://linuxbsm.sourceforge.net/

Are there other Linux audit systems? Has anyone of this list made (serious) experiences with one of the above systems?

Regards,
Konrad

--
Konrad Rieck <kr () roqe org> - http://people.roqe.org/kr
PGP: 5803 E58E D1BF 9A29 AFCA 51B3 A725 EA18 ABA7 A6A3