Linux Defense

These links provide details on securing Linux:

http://www.sysadminwiki.net/wiki/index.php?title=Red_Hat_Hardening_Guide

http://wiki.centos.org/HowTos/OS_Protection

http://www.cyberciti.biz/tips/linux-unix-bsd-nginx-webserver-security.html

http://wiki.eri.ucsb.edu/sysadm/SELinux

Log Processing

  • Clearcutter – a tool for processing unfamiliar log files and samples. It can:
    • Identify specific log messages present in a file
    • Identify sequences of log entries that describe an activity thread
    • Test OSSIM plugins against log samples and produce validated regexes
    • Profile regexes for performance against each other and against real logs

IP Reputation Database

http://labs.alienvault.com/labs/index.php/projects/open-source-ip-reputation-portal/download-ip-reputation-database/