Slashdot Mirror


Security Auditing for Linux

malibu_mex writes: "LinuxToday, ZDNet Australia, and NewsForge are all reporting on a loadable kernel module + GUI combination that implements an auditing subsystem on Linux (like the NT event logger, or Solaris BSM). This could be yet another reason for big business and government to migrate away from the costly commercial alternatives to Linux. First it was SAMBA, now it's SNARE. What have these Aussies got with 5 letter 'S' names? This topic has been discussed on Slashdot previously here."

4 of 112 comments

  1. Another Link by _DMan_ · · Score: 3, Insightful

    CNET

    Although this story claims "is the first intrusion detection system to reside on individual computers rather than a network"
    which is clearly wrong.

  2. tail -f /var/log/messages by Nijika · · Score: 3, Insightful

    Ok folks, here's the deal; It's not the fancy little GUI widgets that sell Windows solutions, it's the full color two page ads in "CXO Magazine", or some other publication. It's the paid fud, it's the sales calls, it's the brand name the CxO sees when they head out to Wal-Mart. It's the last 20 years of business computing history, NOT THE GADGETS.

    The people that make the decisions to go Microsoft will almost never touch the systems they implement.

    Tough cookies, but that's the real deal. Don't believe me? Go to a magazine store and pick up some financial glossies...

    --
    Luck favors the prepared, darling.

    1. Re: tail -f /var/log/messages by foo+fighter · · Score: 3, Insightful

      I would like to kindly disagree.

      While they weren't huge cases (handful of servers, 250-500 machines/users) my organization has chosen Windows NT for our Network Operating System solution and desktop OS in the past precisely because of the 'widgets' which made security administration much easier than on Linux.

      The Event Log utility makes tracking system, application, and security events a breeze. Having the ACL controls integrated into the system and file manager makes controlling access much more flexible (IMHO, not trying to start a flame) than Linux's traditional methods.

      Finally, in the organizations I've worked in, the executives relied heavily on input from the engineers who would be running the systems. They realized that the sysadmins had a better idea of what was needed than they did, and acted on that information accordingly.

      --
      obviously no deficiencies vs. no obvious deficiencies

  3. Short Time to Market by 1alpha7 · · Score: 2, Insightful

    The short time to market can also be attributed to three other factors, according to Cora: "We have the programming skills, we have a small company that is not bureaucratic, and we put aside the established OSes (operating systems) and started from scratch."

    After my own heart. Bureaucracies are not an "asset", and trying to salvage (reuse) existing stuff, that happens to be crap, is not "efficient".

    1Alpha7

    --
    Live to be Moderated