Linux Defense

These links provide details on securing Linux:

Log Processing

  • Clearcutter – a tool for processing unfamiliar log files and samples
  • Identify specific log messages present in a file
  • Identify sequences of log entries that describe an activity thread
  • Test OSSIM plugins against log samples and produce validated Regexes
  • Profile regexes for performance against each other and real logs

IP Reputation Database