[Vserver] vserver security monitoring:
 vserver development mailing list 
[Next/Previous Months] [Main vserver Project Homepage] [Howto Subscribe/Unsubscribe] [Paul Sladen's vserver stuff]
About this list Date view Thread view Subject view Author view Attachment view

From: intrigeri (intrigeri_at_boum.org)
Date: Wed 11 May 2005 - 10:19:43 BST

Hello,

I want to monitor my vservers with security tools running on the host
system ; the problem is : not all the existing tools are able to do
so. Here are the results of my first tests. I'd be happy to learn
which tools you use, how they are vserver-compliant.

---+ not working

tiger (system security vulnerabilities reporter)
http://www.nongnu.org/tiger/
Argh, the various used paths are hardcoded :/
Any alternative solution ?

---+ working

logcheck (log anomalies reporter)
http://logcheck.org/
Works ok, at least on Debian : just add the vserver logs to
/etc/logcheck/logcheck.logfiles

rkhunter (rootkit hunter)
http://www.rootkit.nl/projects/rootkit_hunter.html
Works ok, thanks to the --rootdir option

chkrootkit (rootkit hunter)
http://www.chkrootkit.org/
Works ok, thanks to the -r option

Ciao, 

-- 
  intrigeri <intrigeri_at_boum.org>
   gnupg key @ http://boum.org/intrigeri/intrigeri.asc
   [ Who wants a world in which the guarantee that we shall not ]
   [  die of starvation entails the risk of dying of boredom ?  ]

_______________________________________________
Vserver mailing list
Vserver_at_list.linux-vserver.org
http://list.linux-vserver.org/mailman/listinfo/vserver

About this list Date view Thread view Subject view Author view Attachment view
[Next/Previous Months] [Main vserver Project Homepage] [Howto Subscribe/Unsubscribe] [Paul Sladen's vserver stuff]
Generated on Wed 11 May 2005 - 10:56:33 BST by hypermail 2.1.3