s.p.thompsonMINDSPRING.COM

• Next message: Kevin Timm: "Re: log monitoring"
• Previous message: ksemat: "Re: log monitoring"
• In reply to: ksemat: "Re: log monitoring"
• Next in thread: Kevin Timm: "Re: log monitoring"
• Reply: Stephen Thompson: "LIDS kernal patch"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hello,

I have been reading the list for a number of weeks now, quietly
following links for papers on security and configuration (excellent
advice has been posted from what I have read).

I have noticed that during some of the threads where people are
asking for recommendations on securing thier box, suggestions for the
openwall patch have been given, along with suggestions for
portsentry, snort, ipchains etc. What I found interesting is that
no-one seems to be recommending that LIDS be deployed.

Is there a general concensus on whether to deploy LIDS or not ?
From reading about LIDS capabilities I am supprised to see it abscent
in recommendations (although I haven't as yet tried to deploy it, just
read about it's features).

If there is some reason why it's not generally used/recommended I
would appreciate being educated on the point.

Thank you for your time.

Stephen Thompson

- ---
I can please only one person per day.
Today is not your day.
Tomorrow isn't looking good either.

-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 6.5.8 for non-commercial use <http://www.pgp.com>

iQA/AwUBOe3SN5+Gujifew9TEQIBRACgloKBG0ZVX8z82ZacXTv4P8ZN2lAAnjp1
iwr18592ywY1keGmhLf853hK
=wTFT
-----END PGP SIGNATURE-----

• Next message: Kevin Timm: "Re: log monitoring"
• Previous message: ksemat: "Re: log monitoring"
• In reply to: ksemat: "Re: log monitoring"
• Next in thread: Kevin Timm: "Re: log monitoring"
• Reply: Stephen Thompson: "LIDS kernal patch"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]