Slashdot Mirror


Security Auditing for Linux

malibu_mex writes: "LinuxToday, ZDNet Australia, and NewsForge are all reporting on a loadable kernel module + GUI combination that implements an auditing subsystem on Linux (like the NT event logger, or Solaris BSM). This could be yet another reason for big business and government to migrate away from the costly commercial alternatives to Linux. First it was SAMBA, now it's SNARE. What have these Aussies got with 5-letter 'S' names? This topic has been discussed on Slashdot previously here."

6 of 112 comments

  1. Quick security audit for Linux by BrianW · · Score: 0, Insightful

    Q. Is it RedHat?

    A. Yes.

    Conclusion: It's insecure.

  2. Another Link by _DMan_ · · Score: 3, Insightful

    CNET

    Although this story claims it "is the first intrusion detection system to reside on individual computers rather than a network", which is clearly wrong.

  3. tail -f /var/log/messages by Nijika · · Score: 3, Insightful
    Ok folks, here's the deal: it's not the fancy little GUI widgets that sell Windows solutions, it's the full color two page ads in "CXO Magazine", or some other publication. It's the paid FUD, it's the sales calls, it's the brand name the CxO sees when they head out to Wal-Mart. It's the last 20 years of business computing history, NOT THE GADGETS.

    The people that make the decisions to go Microsoft will almost never touch the systems they implement.

    Tough cookies, but that's the real deal. Don't believe me? Go to a magazine store and pick up some financial glossies...

    --
    Luck favors the prepared, darling.
    1. Re: tail -f /var/log/messages by foo+fighter · · Score: 3, Insightful

      I would like to kindly disagree.

      While they weren't huge cases (handful of servers, 250-500 machines/users), my organization has chosen Windows NT for our Network Operating System solution and desktop OS in the past precisely because of the 'widgets' which made security administration much easier than on Linux.

      The Event Log utility makes tracking system, application, and security events a breeze. Having the ACL controls integrated into the system and file manager makes controlling access much more flexible (IMHO, not trying to start a flame) than Linux's traditional methods.

      Finally, in the organizations I've worked in, the Executives relied heavily on input from the engineers who would be running the systems. They realized that the sysadmins had a better idea of what was needed than they did, and acted on that information accordingly.

      --
      obviously no deficiencies vs. no obvious deficiencies
  4. Short Time to Market by 1alpha7 · · Score: 2, Insightful

    The short time to market can also be attributed to three other factors, according to Cora: "We have the programming skills, we have a small company that is not bureaucratic, and we put aside the established OSes (operating systems) and started from scratch."

    After my own heart. Bureaucracies are not an "asset", and trying to salvage (reuse) existing stuff, that happens to be crap, is not "efficient".

    1Alpha7

    --
    Live to be Moderated
  5. Why it's "cool" when... by Anonymous Coward · · Score: 1, Insightful

    It's "cool" because Microsoft is not.

    Take for instance, this: The megacorp I used to work at was coerced into migrating from Navigator to IE, otherwise, we 'sure wouldn't like the new cost of the Office license when it comes up for negotiation'.

    It's not good for the economy, world, computing industry to have companies running around using threats to stifle the potential of other companies, especially if the company that loses out has a superior product.

    Let's say you developed some software and tried to make a living by selling it. How would you feel if a company came in with an inferior product and told your biggest client they had better stop using yours or they'd face higher prices on unrelated software that they were already invested and dependent upon? Legal or not, all-is-fair-in-love-and-war or not, I call that a "low blow". I call that "immoral". I call that not being the best but still winning first prize.

    It's "cool" anytime you can get similar functionality from something which is community-supported, rather than monopoly-coerced.

    It's "cool" when Linux is ahead of Windows because it (usually) shows how people with (usually) selfless intentions, people with passion for the art of computing, are able to lead the way; to demonstrate their vision and skill while doing something that is for the common good. Not (usually) for Money, but for Kindness and other generally soft and fluffy concepts.

    In my book, "selfless" = Good.

    In my book, "greedy" = Evil.

    So, to me, this is about Good versus Evil. The events that I have been exposed to don't, imho, point to any other conclusion.

    And Good is "cool".