Hello list, Given the recent traffic about compromised systems, I thought this might be of interest: http://www.linuxsecurity.com/feature_stories/feature_story-12.html The above is a story about LIDS, The Linux Intrusion Detection System. It not only detects intrusions, but it can even prevent the superuser (root) from modifying protected resources. The only way to bypass it would be to reboot the system with a different kernel, something which would generally require physical access to the machine (i.e., to boot off of floppy). That, possibly combined with AIDE (Advanced Intrusion Detection Environment, the GNU alternative to the commercial Tripwire), should work pretty well to protect systems that need protecting. Might be worth looking into for some people. -- Ben Scott <[EMAIL PROTECTED]> Net Technologies, Inc. <http://www.ntisys.com> Voice: (800)905-3049 x18 Fax: (978)499-7839 ********************************************************** To unsubscribe from this list, send mail to [EMAIL PROTECTED] with the following text in the *body* (*not* the subject line) of the letter: unsubscribe gnhlug **********************************************************
