LUSER - was RE: more attacks
Warren Togami
warren at togami.com
Fri Jul 27 19:32:30 PDT 2001
I wrote a program called luser that checks your Unix syslogs every hour
looking for bad messages, then e-mails reports to the administrator. It is
similar to the popular Psionic Logcheck tool that many Unix admins have used
for years, except it is much more flexible and has the capability of
generating better reports to save administrator time. Rather than supplying
default rule files like logcheck, my included rule files are blank, because
I believe that you as the administrator should choose exactly which messages
should be ignored, and what severity all types of syslog messages are to be
categorized within.
http://luser.mplug.org
This is a preliminary test version that works great on several production
Red Hat Linux servers that I maintain, but I need beta testers on other
Linux and Unix platforms like Solaris, *BSD, and Mac OS X. Please e-mail me
if you need any help in configuration.
LUSER stands for Log Unix Syslog E-mail Reporter
----- Original Message -----
From: "Jon Reynolds" <proteon at gci.net>
To: "Linux & Unix Advocates & Users" <luau at list.luau.hi.net>
Sent: Friday, July 27, 2001 9:32 AM
Subject: [luau] RE: more attacks
> hey Dusty, what do you use to watch your systems? I have a dns and a
> web/mail server and am not real sure how to watch them. Could you maybe
try
> and access them from where you are and let me know of any vulnerabilities?
>
> Jon
>
More information about the LUAU
mailing list