10 January, 2007
Tenable Network Security, under the direction of Ron Gula, has released a parser library for their
Log Correlation Engine (LCE) so that syslog events from psad can be imported and analyzed. As the
adoption of Linux systems continues to accelerate in both the commercial and non-commercial sectors,
people are increasingly in a position to run the iptables firewall to enhance their security posture.
With the verbose logging format offered by iptables, it is possible to detect a significant number of
different attacks that involve the network and transport layer headers. psad automates this detection
process, and now the output of psad can be integrated with Tenable's product line. For more
information, see the blog post on the Tenable Blog.
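
To illustrate how header fields in iptables log messages support detection, here is an added example (not psad's or Tenable's code) that parses lines in the iptables LOG layout and flags two transport-layer patterns: one source touching many destination ports, and TCP packets with no flags or only FIN/PSH/URG set. The function names, the threshold of three ports, the finding labels and the sample lines are assumptions made for this example.

```python
import re
from collections import defaultdict

TCP_FLAGS = {"SYN", "ACK", "FIN", "RST", "PSH", "URG"}
FIELD_RE = re.compile(r"\b([A-Z]+)=(\S*)")

def parse_line(line):
    """Parse one iptables LOG syslog line into a dict, or None if it is not one."""
    if " SRC=" not in line or " PROTO=" not in line:
        return None
    pkt = dict(FIELD_RE.findall(line))
    # TCP flags are logged as bare tokens between RES= and URGP=.
    pkt["FLAGS"] = set(line.partition(" RES=")[2].split()) & TCP_FLAGS
    return pkt

def analyze(lines, port_threshold=3):
    """Flag sources that hit many ports or send anomalous TCP flag sets."""
    ports, findings = defaultdict(set), set()
    for line in lines:
        pkt = parse_line(line)
        if pkt is None:
            continue
        src = pkt["SRC"]
        if "DPT" in pkt:
            ports[src].add(int(pkt["DPT"]))
        if pkt["PROTO"] == "TCP":
            if not pkt["FLAGS"]:
                findings.add((src, "tcp-null-flags"))
            elif pkt["FLAGS"] == {"FIN", "PSH", "URG"}:
                findings.add((src, "tcp-xmas-flags"))
    for src, seen in ports.items():
        if len(seen) >= port_threshold:  # assumed threshold, not psad's
            findings.add((src, "port-sweep:%d" % len(seen)))
    return sorted(findings)

def sample(src, dpt, flags):
    """Build a constructed log line in the iptables LOG layout (documentation addresses)."""
    return ("Jan 10 12:00:01 fw kernel: IN=eth0 OUT= "
            "MAC=00:00:5e:00:53:01:00:00:5e:00:53:02:08:00 "
            f"SRC={src} DST=198.51.100.5 LEN=60 TOS=0x00 PREC=0x00 TTL=52 ID=4101 DF "
            f"PROTO=TCP SPT=44321 DPT={dpt} WINDOW=5840 RES=0x00 {flags}URGP=0")

SAMPLE = ([sample("192.0.2.10", p, "SYN ") for p in (21, 22, 23, 25)]
          + [sample("192.0.2.77", 443, "SYN "),
             sample("203.0.113.9", 80, "URG PSH FIN "),
             sample("203.0.113.9", 80, ""),
             "Jan 10 12:00:02 fw sshd[812]: Connection closed"])

if __name__ == "__main__":
    for finding in analyze(SAMPLE):
        print(finding)
```
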