arlake228
commented
9 years ago Comment #1 originally posted by arlake228 on 2013-08-12T21:04:27.000Z:
Report available here:
https://code.google.com/p/perfsonar-ps/wiki/pSPT_Host_Security
Recomendation is to include either fail2ban or denyhosts and rkhunter. Configure these to send mail to root to start (localhost delivery only). Figure out a mechanism to configure smtp relaying so they get mail. Can be a prompt in the installation/wizard. Would still 'work' without mail of course.
Documentation needed for psps and fasterdata on what is being offered.
Original issue 740 created by arlake228 on 2013-06-27T20:06:10.000Z:
From: Brian Tierney <bltierney@es.net> Subject: [sciencedmz] host IDS recommendations? Date: June 27, 2013 10:38:14 AM EDT To: Science DMZ List <sciencedmz@es.net>
I just learned that the University of Illinois is running OSSEC (http://www.ossec.net/) on all their DTNs for added security, since the DTNs are outside the firewall. This seems like a very good idea.
Who else has experience with with OSSEC? Do you like it? Anyone else using other open source host IDSes solutions that they would recommend?
This is the sciencedmz mailing list. To subscribe or unsubscribe to this list, go to https://gab.es.net/mailman/listinfo/sciencedmz