On Thu, Oct 30, 2008 at 9:02 AM, Josh More <span dir="ltr"><<a href="mailto:morej@alliancetechnologies.net">morej@alliancetechnologies.net</a>></span> wrote:<br><div class="gmail_quote"><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
I suspect that a number of us know about some of the more common open<br>
source and no-longer-open-source security tools (nessus, nmap, snort,<br>
etc). However, I am curious as to whether or not anyone here has been<br>
playing with the newer tools.<br>
<br>
Does anyone have any favorite open source / open source friendly tools<br>
that do log management or web vulnerability scanning?<br>
<br>
I'm starting to look at proxystrike, ratproxy and nikto for web<br>
vulnerability scanning. Any others I should look at?<br>
<br>
Has anyone used LogLogic/LASSO for cross-platform log management?<br>
<br>
Any others I should be considering?<br>
<br>
<br>
<br>
-Josh More, RHCE, CISSP, NCLP, GIAC<br>
<a href="mailto:morej@alliancetechnologies.net">morej@alliancetechnologies.net</a><br>
515-245-7701<br>
<br>
_______________________________________________<br>
Cialug mailing list<br>
<a href="mailto:Cialug@cialug.org">Cialug@cialug.org</a><br>
<a href="http://cialug.org/mailman/listinfo/cialug" target="_blank">http://cialug.org/mailman/listinfo/cialug</a><br>
</blockquote></div><br>Well, while I don't know anything about log management tools, when it comes to security tools, I've implemented OSSEC (HIDS) and I'm pretty happy with that. <a href="http://www.ossec.net/">http://www.ossec.net/</a>. It monitors logs files for signs of attack and can report or take an active response. It also does file integrity checking and rootkit checking.<br clear="all">
<br>-- <br>Jerry<br>