[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[ISSForum] BSM usage with Server Sensor on Solaris



We are in the process of attempting to roll out Server
Sensor in our Unix (Solaris 2.8) environment. My
question concerns the BSM (Basic Security Module)
which is included in Solaris and is used to create the
security logs so that Server Sensor can be used to
flag curious activity (much like the Windows version
does).

Currently, we do not have the BSM enabled (there are
other tools that are used).  In performing some
testing with several of the options turned on in a lab
environment, it is evident that the log file(s) can
become very large, very fast.  In our environment
where our web servers see large volumes of traffic
this could be a big problem.

I'd be curious to know if/how people are using the BSM
in conjunction with Server Sensor on Solaris.  I'm
looking for ideal configurations of it.  I'd also like
to hear if there are people out there who do not have
the BSM enabled and just look at Web traffic.

MW     

__________________________________
Do you Yahoo!?
Yahoo! SiteBuilder - Free web site building tool. Try it!
http://webhosting.yahoo.com/ps/sb/
_______________________________________________
ISSForum mailing list
ISSForum@xxxxxxx

TO UNSUBSCRIBE OR CHANGE YOUR SUBSCRIPTION, go to https://atla-mm1.iss.net/mailman/listinfo