I'm releasing a new software package for UNIX that automates log file
auditing for unusual activity and security violations. This package
works very well with Firewall Tool Kit from TIS, as well as stand-alone
systems running the TCP wrapper and similiar utilities.
This package is essentially a clone of the "frequentcheck.sh" scripts
from the TIS Gauntlet system, but has been _completely_ re-written and
implemented in a slightly different manner to make it more generic for
systems not running FWTK. I *have* asked for permission to clone this
package from sources at TIS and there were no objections mentioned to me
about doing this.
This package has been extensively tested (about a year)on BSDI 2.x,
Linux (Slackware and Redhat) and FreeBSD 2.x with no problems. The
systems ranged from personal workstations to full-blown high volume ISP
websites. No problems have been reported with it's use.
Please visit my website at : http://www.psionic.com for more
The actual program is located on : http://www.psionic.com/logcheck.html
This is a low-bandwidth site (28.8) so please be patient if it is slow.
Thank you for your time..
-- Craig Rowland