All Questions

-1 votes
3 answers
222 views

Monitor web server directories for changed / new files

TL;DR: Is there an easy way to monitor directories for new/changed/deleted files? Details: A simple WordPress website on a virtual server got hacked. Nothing too serious. No important project / data ...
Andrei Herford's user avatar
1 vote
0 answers
132 views

aws guardduty some alerts won't notify on slack

I have recently setup aws guardduty with slack notification using this guide right https://medium.com/@damitj07/how-to-create-a-slack-alert-for-guardduty-49d542927529, there were a few issues with the ...
logax's user avatar
  • 139
0 votes
1 answer
115 views

Ansible security best practices for monitoring

I have several servers at home. I would like to have one computer that will monitor activity on those and notice me if something is wrong. For that reason I install ansible there. In order to have ...
Addman's user avatar
  • 109
1 vote
1 answer
126 views

how to monitor a secure lab's machine and product's log files from my organization laptop?

I'm trying to find a solution that will help me to monitor the product's machines and log files in each one of them. Here are some facts about my working environment: I have a product that's installed ...
Hiddai's user avatar
  • 105
0 votes
1 answer
110 views

Is there any tool or service for checking your server's version and detect vulnerabilities and patches? [closed]

I am looking for a tool or something like a server/control panel that can list all the infrastructure I am using and its version (i.e. Redis Server version 6.4.x). It would be useful in order to get a ...
mtm41's user avatar
  • 1
0 votes
0 answers
39 views

Is it possible to ensure detection and logging of all attempts to copy data out of a system?

Say I have a server set-up for processing sensitive data. The few authorised users of the system are instructed not to copy any of the sensitive data out of the platform, but could in principle do so ...
Thomas Arildsen's user avatar
-1 votes
1 answer
31 views

Securing System Monitoring wall display PCs

I have several windows machines which drive dashboards on wall mounted displays for system and network monitoring. I would like to be able to secure them from unauthorized access or modification. ...
SlyOne's user avatar
  • 363
0 votes
1 answer
102 views

Enforcing monitoring on AWS resources

We have a couple huge AWS accounts and I've been tasked with implementing guidelines for monitoring resources and ensuring that monitoring is set up for all existing and future resources. Is there ...
blizz's user avatar
  • 1,154
1 vote
3 answers
7k views

Someone just trying to hack me? login.cgi+wget

I'm building a new server on Apache, actually I am learning, so I'm trying different things. My security system is already done, but of course I may miss something, or, if not, I do understand that today ...
Robbie KN's user avatar
  • 113
0 votes
1 answer
354 views

Azure Security Center - Would the Monitoring Agent work on AWS and GCP VMs

I'm looking at Azure Security Center. I know it can be used to monitor not just VMs on Azure, but also VMs outside of Azure using an installable Monitoring Agent. My question is whether this agent ...
user9975441's user avatar
0 votes
0 answers
1k views

OSSEC - Not seeing alerts on the Server from file changes on the Agent

I have an OSSEC server and Agent installed and configured. I have imported the key to the Agent and they appear to be communicating. However, I am trying to test the file integrity monitoring feature and ...
user8897013's user avatar
0 votes
1 answer
40 views

Fetch changelogs for multiple Linux distros?

I'm trying to build a service that can take a distro, package, and a version number, and use that information to check if there's an active CVE out for that tuple. After some searching, I've found ...
user358829's user avatar
0 votes
0 answers
78 views

How to securely gather multiple servers data for monitoring

I got an 'admin' server where all admin GUI can be accessed. I also have 2 other servers, 1 web and 1 db. As I expand for a nodejs server/api, I was wondering how could I transfer servers information ...
Jayd's user avatar
  • 73
0 votes
1 answer
49 views

Monitoring stats published on our site, should we?

So this could also fit @InformationSecurity as some concerns are related to security. We are building the website for our gameserver hosting project and we would like to be as transparent as possible ...
sysfiend's user avatar
  • 1,407
0 votes
1 answer
123 views

How do I monitor for security updates for an uninstalled Debian package

I'm looking after a server which has a customised package, based on a patch against an upstream debian package from a different version of debian to what the server actually runs. I want to make sure ...
mc0e's user avatar
  • 5,941
0 votes
1 answer
321 views

Security Test and Monitoring for AWS EC2 running SFTP using OpenSSH? [closed]

I have an EC2 Instance that is running SFTP via OpenSSH on Amazon Linux (CentOS). I'd like to run some tests to check for vulnerabilities that I'm not aware of, and I'd like to run monitoring software ...
T. Brian Jones's user avatar
-1 votes
1 answer
3k views

How do I execute monit commands from a shell script without root access?

I've installed and configured monit on a Debian server and opened the http service to localhost and gave rw permissions to the group "monit". I created this group and added myself to this group. The ...
1 vote
1 answer
1k views

Monit sshd binary Checksum Check and Restart

I'm going over a monit config file and something doesn't seem right. I'm using monit to monitor the checksum of the sshd binary, if it's different from what's expected it should reload a known binary. ...
T. Thomas's user avatar
  • 187
-2 votes
3 answers
2k views

Is there a GUI tool to log and view outgoing CURL requests from a Linux server? [duplicate]

I've seen several similar questions - but none that truly answer the question. So here goes: PROBLEM: A script is being run on one of our servers that is making outgoing post (and other) requests ...
Lee Fuller's user avatar
1 vote
1 answer
69 views

is there a tool for windows 7 that can find which program is modifying a particular file [duplicate]

My system is infected by a malware that keeps modifying a particular configuration file. Is there a way/tool to find out which program is making change to a particular file? I am simply looking for a ...
Prabhat's user avatar
  • 183
0 votes
1 answer
422 views

Centralised log monitoring for linux servers [closed]

I've read several QA on this site about monitoring servers, but I found out, that none of them centralises all the logs I want to watch. To describe my situation: 10 linux hosts Using logwatch to ...
Marek Sebera's user avatar
-1 votes
1 answer
370 views

Alerting on threshold crossing?

We are using logstash + elasticsearch + Kibana to parse, store and view our logs respectively. Now, we want a notification/alert when a threshold for a particular log or threshold for a particular ...
Siddharth Trikha's user avatar
0 votes
2 answers
105 views

making sure that iptables is running

Is there a tool for monitoring that iptables (or shorewall or similar) is up and running with a core set of important rules? I need something which alerts me either if the firewall goes down ...
bitbox's user avatar
  • 3
2 votes
1 answer
744 views

Remote disk monitoring with WMI without admin rights

I am setting up a restricted WMI group that should be able to read WMI information from my remote hosts. I have the group set up as member of the remote DCOM and performance monitor groups. I also ...
Tim Brigham's user avatar
  • 15.6k
1 vote
3 answers
2k views

Apache httpd server 'is it possible': Alert on specific condition in access/error log

I'm just wondering, is there some module which can detect a certain event in the access/error log and, if it matches it, send an email with information. Example: I want to detect when someone makes ...
Daniel Stoinov's user avatar
5 votes
4 answers
142 views

Monitor someone on server

I'm in the unfortunate position of having to give someone who I do not fully trust privileged access to a webserver to finish work that they never completed. They will access the server remotely (i.e. I ...
3 votes
1 answer
236 views

What is the best way to determine server resources each remote user is using

I manage some Win2008R2 servers on the network for my department. Each server usually has 10 - 20 users at a time connected to it. They are nothing more than locked down file servers on the domain. ...
Dave's user avatar
  • 131
1 vote
2 answers
2k views

What are the important log files to monitor for security purposes on a web server?

I have looked at many logs and it seems that some of them are more relevant for monitoring purposes against hackers. The ones I found are: -auth.log -mail.log: if I'm running a mail server, will this ...
ericd's user avatar
  • 213
0 votes
1 answer
1k views

What is wrong with my Watcher (incron-like) daemon?

I have installed Watcher this way: both watcher.py and watcher.ini are located in /etc I also installed pyinotify and it does work when I use python -m pyinotify -v /var/www However, I want to use ...
ericd's user avatar
  • 213
0 votes
1 answer
382 views

Is there a ready-made inotify program to monitor changes on a directory?

I am trying to understand how inotify works and it seems that you need to program stuff in C for it to work. Since I don't know C, I was wondering if there is a program or script already made to ...
ericd's user avatar
  • 213
-3 votes
1 answer
255 views

what are the must have applications for an intermediate devop? [closed]

Over the past year my responsibilities have grown from managing 5 servers to 20+. Most all of these are either on EC2 or Linode and they all serve different purposes. Some are on CentOS and others on ...
Thomas V.'s user avatar
  • 2,141
0 votes
4 answers
791 views

How to determine the cause of high resource usage for two hours last week?

I know there are several tools I can use to find out what's causing heavy network and CPU usage right now, but every so often on my server I'll check the logs and notice that there were periods of ...
Brian Lacy's user avatar
  • 1,123
5 votes
1 answer
330 views

Exchange security monitoring tools [closed]

I am trying to identify tools that can perform security monitoring of Exchange. Ideally, the tools should be able to pick up things like: permission changes for high risk mailboxes multiple ...
Konrads's user avatar
  • 900
0 votes
1 answer
524 views

How can I monitor the network on ESXi node for connections and find the source of a ddos attack

I'm looking for something fairly simple to install, that will monitor network traffic on the vswitch for my esxi node as we're getting ddosed and I need to be able to easily see where the traffic is ...
huddy's user avatar
  • 1
1 vote
2 answers
3k views

SNMP vs WMI security

Windows 2008 and 2003 servers. Would like to monitor server health remotely over internet. The monitoring computer may change IP(non-static IP). Trying to decide SNMP or WMI. SNMP seems to only allow ...
JoeJoe's user avatar
  • 193
0 votes
1 answer
425 views

outgoing DNS flood targeted to non-ISP hosts

Below is the specific traffic monitored at the network perimeter and originating from a user PC on Vista platform. My question is not about the effects of the flood, but about the nature of the ...
2 votes
4 answers
355 views

What are the "must" security tools for small organizations?

One of my friends has started a company; it's a small-scale company that has 40 workers. There are two guys also responsible for the security and IT related issues. He is managing the LAN, Webpage of ...
Berkay's user avatar
  • 431
7 votes
6 answers
6k views

Monitor the shell activity of a user on your Unix system?

Trust, but verify. Let's say I want to hire someone as a sysadmin, and give them root access to my Unix system. I want to disable X windows for them, only allow shell usage (through SSH, maybe), so that ...
Joseph Turian's user avatar
2 votes
1 answer
1k views

How do you avoid/detect DNS hijacking? (aka latest twitter hack)

It is all over the news today that Twitter was hacked by a DNS redirection/hijacking. My question is, what tools or techniques do you guys use to monitor your DNS/whois and detect this kind of ...
1 vote
5 answers
221 views

Network Monitoring and Filtering [closed]

As the IT administrator for my company I have been tasked with deciding what traffic to filter, shape, and otherwise monitor on our network. What protocols, applications, and other network traffic do ...
Xap's user avatar
  • 421
0 votes
3 answers
131 views

Monitor communication to outside the network

I work at a place where they have access to very sensitive data and think a lot about security. I don't want to ask because they may lie, is there software to monitor data such as email (pop/imap AND ...
-1 votes
5 answers
184 views

System Access Monitoring Software [closed]

Are there any programs that you would recommend that monitor access to your computer from the network? Windows XP Professional. By "monitor" I mean log system access from the network. What folders and ...
Beaner's user avatar
  • 121
3 votes
5 answers
1k views

Positive vs. negative monitoring

I've been looking at monitoring for a while. My org didn't have any before I came other than 'where'd my yahoo go'. It appears that most packages out there focus on negative monitoring (i.e., this ...
Devnull's user avatar
  • 951
0 votes
1 answer
492 views

Safely Grant Access to SQL 2005 Replication Monitor to Create Snapshots

I have a database that I'm publishing to a remote site using Snapshot replication (only method that will work given the application and database schema). Because the replica ...
Brian Spolarich's user avatar
24 votes
7 answers
35k views

Monitor an incoming SSH session in real time

Is there any linux software to monitor an incoming ssh session. At a previous job I was told that if you ever needed support from Red Hat for example you could have them SSH into your machine and you ...
Richard's user avatar
  • 627
0 votes
2 answers
373 views

Secure way to monitor and restart services that require password

Sometimes when the power goes out and the UPS dies before it goes back on, some services on our servers don't come back up. Namely some VMware virtual machines. I was thinking of setting up a ...
Ivan's user avatar
  • 3,192
5 votes
15 answers
3k views

How can I be notified if someone is attempting to hack into a Linux server? [closed]

I'd like to be notified via email if our Linux servers are under any kind of hacking attempt or service attack. Is there some kind of all-in-one solution that can monitor for suspicious activity and ...
cowgod's user avatar
  • 3,530