You can adjust the schedule to hourly (if you??™re paranoid and/or have an application
that is behaving suspiciously), weekly, or monthly (if you??™re already buried in
reports). Use the AppArmor Reports module to view the reports, or ask that they be
emailed to you and two other people.
Other Security Utilities to Consider
In addition to the tools mentioned thus far, you should also consider adding some basic
Linux security tools to your toolbox. These include the following:
. Tripwire??”This is one of the best file system monitoring tools around. It records
information about important files (such as checksums) in a database. If anything
changes in those files, Tripwire will catch the change when it runs (configure it as
often as you like with cron) and will alert you. More information on Tripwire can be
found at http://www.tripwire.org.
CHAPTER 23 Securing Your Machines 488
. Snort??”This is a sniffer that monitors network packets and can be used to alert you
to suspicious activity. Acting as an intrusion detection system, it can offer you the
first warning that a possible attack is underway.
Pages:
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951