
auth2db - Powerful and eye-candy IDS logger, log viewer and alert generator


                    _    _     ___     _  _    
        __ _  _  _ | |_ | |_  |_  ) __| || |__ 
       / _` || || ||  _|| ' \  / / / _` || '_ \
       \__,_| \_,_| \__||_||_|/___|\__,_||_.__/

Auth2DB (version 0.2.5)                           30/07/2008

Auth2db uses a MySQL database to store logs, which allows several 
clients to store their logs in a single DB, turning the tedious 
work of constant auditing into a trivial and enjoyable experience.

Auth2db examines log files and inserts the details into a MySQL database.
It allows you to display and administer the content in a Web front-end. 
Generate Reports, Statistics and Alerts, and Analyze Logs in Real Time.

More details:

Distributions tested at the moment: Debian, Ubuntu, Slackware, Backtrack2, Fedora

   Debian/Ubuntu: /var/log/auth.log
   Slackware/Backtrack2: /var/log/messages | /var/log/secure
   Fedora: /var/log/secure
   Suse: /var/log/messages

Installation 0.2.5 tar.gz:

# install mysql-server-5.0
# install python-mysqldb
# install PHP GD (optional for graphics report)

# install auth2db
 tar zxvf auth2db.0.2."version".tar.gz
 cd auth2db
 python install

# Create database "authlog"
 mysql> create database authlog;

# To create tables and configure server and hosts, execute as ROOT:

# EDIT /var/www/auth2db/conn.php (host/user/pass)
# EDIT /etc/auth2db/filters.conf to enable|disable types or create others.

# Verify /etc/auth2db/auth2db.conf to enable|disable alerts 
# (if you have many hosts, activating alerts on only 1 host is enough to execute all).

# EDIT /etc/ssh/sshd_config
 ChallengeResponseAuthentication no
 PasswordAuthentication yes

# Use Daemon
# /etc/init.d/auth2db-daemon start|stop

# READY...

# execute auth2db or start daemon

(user:admin | pass:admin)


Experimental UPDATE_IP_SSHD:
Updates the IPs of the "session opened" records, which are generated 
after logging in via SSH, following the "Accepted" record.
This feature is experimental. If you notice that performance drops,
disable this option in the file "/etc/auth2db/auth2db.conf".
The [sshd_session] filter must be active for it to work.

# enabled

# Disabled
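
The correlation that UPDATE_IP_SSHD describes (giving each "session opened" record the IP of the "Accepted" record before it), as an added example that is not auth2db's own code. Matching the two records by host and sshd PID is an assumption made here, and the log lines are constructed samples.

```python
import re

# Constructed sample lines in Debian /var/log/auth.log format (not real logs).
SAMPLE_LOG = """\
Jul 30 10:15:01 web1 sshd[4321]: Accepted password for alice from 192.0.2.10 port 51234 ssh2
Jul 30 10:15:01 web1 sshd[4321]: pam_unix(sshd:session): session opened for user alice by (uid=0)
Jul 30 10:16:40 web1 sshd[4399]: Failed password for root from 198.51.100.7 port 40022 ssh2
Jul 30 10:17:12 web1 sshd[4410]: Accepted publickey for bob from 203.0.113.5 port 60100 ssh2
Jul 30 10:17:12 web1 sshd[4410]: pam_unix(sshd:session): session opened for user bob by (uid=0)
Jul 30 10:20:00 web1 sshd[4500]: pam_unix(sshd:session): session opened for user carol by (uid=0)
Jul 30 10:25:30 web1 sshd[4321]: pam_unix(sshd:session): session closed for user alice
"""

PREFIX = re.compile(r"^(?P<ts>\w{3}\s+\d+ [\d:]{8}) (?P<host>\S+) sshd\[(?P<pid>\d+)\]: (?P<msg>.*)$")
ACCEPTED = re.compile(r"^Accepted (?P<method>\S+) for (?P<user>\S+) from (?P<ip>\S+) port \d+")
OPENED = re.compile(r"session opened for user (?P<user>\S+)")
CLOSED = re.compile(r"session closed for user")

def correlate_sessions(log_text):
    """Return one dict per "session opened" line, with the source IP filled in
    from the "Accepted" line of the same sshd process, or None if unmatched."""
    accepted = {}   # (host, pid) -> (user, ip) from the latest "Accepted" line
    sessions = []
    for line in log_text.splitlines():
        m = PREFIX.match(line)
        if not m:
            continue
        key, msg = (m["host"], m["pid"]), m["msg"]
        acc = ACCEPTED.match(msg)
        if acc:
            accepted[key] = (acc["user"], acc["ip"])
            continue
        opened = OPENED.search(msg)
        if opened:
            user, ip = accepted.get(key, (None, None))
            # Only trust the IP if the same user authenticated in this process.
            if user != opened["user"]:
                ip = None
            sessions.append({"time": m["ts"], "host": m["host"],
                             "pid": int(m["pid"]), "user": opened["user"], "ip": ip})
        elif CLOSED.search(msg):
            accepted.pop(key, None)  # PIDs are reused; forget finished sessions
    return sessions

if __name__ == "__main__":
    for s in correlate_sessions(SAMPLE_LOG):
        print(s)
```

A "session opened" record with no matching "Accepted" record keeps an empty IP rather than inheriting one from another process.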

Configuration files:

# PATH where the main configuration is located
CONFIG_PATH = "/etc/auth2db/"

# PATH where the FLAGS of the last insert are stored
CONFIG_PATH_FLAG = "/etc/auth2db/flag.d/"

# PATH where the temporary .log files are generated

# PATH of additional modules such as


If you need some new features, found bugs or just
appreciate this program, you can contact me at:


Ezequiel Vera: <>


This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.

This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
GNU General Public License for more details.

You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA