Closed arlake228 closed 9 years ago
Comment #1 originally posted by arlake228 on 2013-08-12T21:04:27.000Z:
Report available here:
https://code.google.com/p/perfsonar-ps/wiki/pSPT_Host_Security
Recomendation is to include either fail2ban or denyhosts and rkhunter. Configure these to send mail to root to start (localhost delivery only). Figure out a mechanism to configure smtp relaying so they get mail. Can be a prompt in the installation/wizard. Would still 'work' without mail of course.
Documentation needed for psps and fasterdata on what is being offered.
Comment #2 originally posted by arlake228 on 2013-10-15T18:30:56.000Z:
<empty>
Comment #3 originally posted by arlake228 on 2013-10-18T14:34:55.000Z:
<empty>
Comment #4 originally posted by arlake228 on 2014-08-13T18:04:08.000Z:
Jason: Can we close this one?
Comment #5 originally posted by arlake228 on 2014-08-13T21:07:10.000Z:
Please leave open, because it is a reminder for me that i need to put the report I wrote on the new web page. If you want to change the milestone to be non-critical, that works too.
Original issue 740 created by arlake228 on 2013-06-27T20:06:10.000Z:
From: Brian Tierney <bltierney@es.net> Subject: [sciencedmz] host IDS recommendations? Date: June 27, 2013 10:38:14 AM EDT To: Science DMZ List <sciencedmz@es.net>
I just learned that the University of Illinois is running OSSEC (http://www.ossec.net/) on all their DTNs for added security, since the DTNs are outside the firewall. This seems like a very good idea.
Who else has experience with with OSSEC? Do you like it? Anyone else using other open source host IDSes solutions that they would recommend?
This is the sciencedmz mailing list. To subscribe or unsubscribe to this list, go to https://gab.es.net/mailman/listinfo/sciencedmz