From: intrigeri (intrigeri_at_boum.org)
Date: Wed 11 May 2005 - 10:19:43 BST
Hello,
I want to monitor my vservers with security tools running on the host
system ; the problem is : not all the existing tools are able to do
so. Here are the results of my first tests. I'd be happy to learn
which tools you use, how they are vserver-compliant.
---+ not working
tiger (system security vulnerabilities reporter)
http://www.nongnu.org/tiger/
Argh, the various used paths are hardcoded :/
Any alternative solution ?
---+ working
logcheck (log anomalies reporter)
http://logcheck.org/
Works ok, at least on Debian : just add the vserver logs to
/etc/logcheck/logcheck.logfiles
rkhunter (rootkit hunter)
http://www.rootkit.nl/projects/rootkit_hunter.html
Works ok, thanks to the --rootdir option
chkrootkit (rootkit hunter)
http://www.chkrootkit.org/
Works ok, thanks to the -r option
Ciao,
-- intrigeri <intrigeri_at_boum.org> gnupg key @ http://boum.org/intrigeri/intrigeri.asc [ Who wants a world in which the guarantee that we shall not ] [ die of starvation entails the risk of dying of boredom ? ]
_______________________________________________
Vserver mailing list
Vserver_at_list.linux-vserver.org
http://list.linux-vserver.org/mailman/listinfo/vserver