Comments on: Monitor your system for threats with rsec alerts http://linsec.ca/blog/2009/08/25/monitor-your-system-for-threats-with-rsec-alerts/ You can have it right, or you can have it now. But you can't have it right now. Sun, 18 Jul 2010 22:01:13 +0000 hourly 1 http://wordpress.org/?v=3.0 By: vdanen http://linsec.ca/blog/2009/08/25/monitor-your-system-for-threats-with-rsec-alerts/comment-page-1/#comment-4025 vdanen Fri, 28 Aug 2009 13:24:40 +0000 http://linsec.ca/blog/?p=560#comment-4025 You can grab the source rpm from http://repo.annvix.org/media/EL5/SRPMS/ and rebuild it on Fedora. I haven't tested whether or not it works on Fedora (it should, although the rpm spec might need some tweaking), but I actually planned to try it out this weekend (I don't run Fedora on servers, and rsec might be a pain on a laptop, which is why I've never tried it). Maybe this could be my first package maintainership for Fedora... hmmm.... You can grab the source rpm from http://repo.annvix.org/media/EL5/SRPMS/ and rebuild it on Fedora. I haven’t tested whether or not it works on Fedora (it should, although the rpm spec might need some tweaking), but I actually planned to try it out this weekend (I don’t run Fedora on servers, and rsec might be a pain on a laptop, which is why I’ve never tried it).

Maybe this could be my first package maintainership for Fedora… hmmm….

]]> By: tahlen http://linsec.ca/blog/2009/08/25/monitor-your-system-for-threats-with-rsec-alerts/comment-page-1/#comment-4022 tahlen Thu, 27 Aug 2009 23:44:24 +0000 http://linsec.ca/blog/?p=560#comment-4022 I am running fedora linux and I've been looking to test rsec but can't find anywhere to download it. Might you point me to a download location? It does sound useful. I am running fedora linux and I’ve been looking to test rsec but can’t find anywhere to download it. Might you point me to a download location? It does sound useful.

]]> By: vdanen http://linsec.ca/blog/2009/08/25/monitor-your-system-for-threats-with-rsec-alerts/comment-page-1/#comment-4016 vdanen Wed, 26 Aug 2009 16:04:46 +0000 http://linsec.ca/blog/?p=560#comment-4016 Hmmm... we should do something like that. I tend to cherrypick bits from msec to roll back into rsec, so the reporting capabilities of the latest rsec should be quite close to those in current msec. But merging/sharing that codebase could be useful too. Hmmm… we should do something like that. I tend to cherrypick bits from msec to roll back into rsec, so the reporting capabilities of the latest rsec should be quite close to those in current msec. But merging/sharing that codebase could be useful too.

]]> By: Eugeni http://linsec.ca/blog/2009/08/25/monitor-your-system-for-threats-with-rsec-alerts/comment-page-1/#comment-4012 Eugeni Wed, 26 Aug 2009 13:40:40 +0000 http://linsec.ca/blog/?p=560#comment-4012 If you are interested only in reporting capabilities of msec, take a look here: http://dodonov.net/blog/2009/06/26/msec-updates/ All the source is still on mandriva svn: http://svn.mandriva.com/svn/soft/msec/trunk/cron-sh/ I guess some of its features could be quite interested for rsec (like the unified Diffcheck function, logging, and so on). If you are interested, I am more than welcome on working with you on getting msec and rsec to use some common code base, or share features. To get into it quickly, take a look at scripts/02_network.sh for example - it is short and easy to understand (I hope :)). If you are interested only in reporting capabilities of msec, take a look here:

http://dodonov.net/blog/2009/06/26/msec-updates/

All the source is still on mandriva svn:

http://svn.mandriva.com/svn/soft/msec/trunk/cron-sh/

I guess some of its features could be quite interested for rsec (like the unified Diffcheck function, logging, and so on). If you are interested, I am more than welcome on working with you on getting msec and rsec to use some common code base, or share features.

To get into it quickly, take a look at scripts/02_network.sh for example – it is short and easy to understand (I hope :) ).

]]>