detecting Solaris trojans with argus
Peter Van Epp
vanepp at sfu.ca
Mon Feb 7 22:20:07 EST 2000
I'm in the process of generalizing the start/stop (and a new restart)
perl from Shadow 1.6 so it can start Shadow and Argus (and probably snort as
well if I get to playing with that any time soon), roll log files and restart
in the same log file from cron as necessary on reboots or crashes (not that I
have seen any of those) in a way that could stand to see the light of day :-) .
Once that's done I'll ship it along. I also have a perl parsing subroutine that
needs some cleaning which is useful for quick perl scripts of ra output. Both
also need some documentation which I'll get to as well. No guarantees about how
quickly any of this will go though.
Peter Van Epp / Operations and Technical Support
Simon Fraser University, Burnaby, B.C. Canada
> Peter, I placed your perl code out at
> I also placed the 1.8 code and previous versions of 1.5
> and 1.7b1e there. I'm soliciting additional contrib foo
> along with help to write a readme and whatever else would
> be useful or make sense..
> I'll leave some tombstones back at sei.cmu.edu when I get
> a chance, also will likely move the argus at sei.cmu.edu author
> list to andrew, and try to track down the mirrors to track
> the new location.
> Wishing I had more time to work on it...