agentsmith - monitor log file for break-in attempts

agentsmith is a daemon that continuously monitors a log file for break-in attempts by remote hosts. Upon detection of a break-in attempt, it launches a user-defined script or application, which can do virtually anything from sending mails to whatever you might think of, e.g: monitor

The criteria for what is considered a break-in attempt can be configured by means of a regular expression.
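The regex-driven detection described above, as an added Python example that is not agentsmith's own code or configuration format. The sshd-style log lines, the pattern, the per-host threshold and the callback standing in for the user-defined script are all assumptions made for illustration.

```python
import re
from collections import defaultdict

# Constructed sample lines in sshd syslog style (documentation-range addresses).
SAMPLE_LOG = """\
Jan 10 03:14:01 host sshd[811]: Failed password for root from 203.0.113.7 port 50122 ssh2
Jan 10 03:14:03 host sshd[811]: Failed password for invalid user admin from 203.0.113.7 port 50124 ssh2
Jan 10 03:14:05 host sshd[822]: Accepted publickey for alice from 198.51.100.20 port 40022 ssh2
Jan 10 03:14:06 host sshd[811]: Failed password for root from 203.0.113.7 port 50130 ssh2
Jan 10 03:14:09 host sshd[830]: Failed password for bob from 198.51.100.20 port 40030 ssh2
Jan 10 03:14:11 host sshd[811]: Failed password for root from 203.0.113.7 port 50133 ssh2
""".splitlines()

# Assumed pattern: the named group "host" captures the remote address.
# It is anchored at the end of the line and the user field is matched greedily,
# so the captured address is the one the logging daemon appended last.
ATTEMPT_RE = re.compile(
    r"sshd\[\d+\]: Failed password for .* from "
    r"(?P<host>\d{1,3}(?:\.\d{1,3}){3}) port \d+ ssh2$"
)

def monitor(lines, pattern, threshold, action):
    """Run each log line through the pattern and call action(host, count)
    once per host, at the moment its match count reaches the threshold."""
    counts = defaultdict(int)
    reported = set()
    for line in lines:
        m = pattern.search(line)
        if m is None:
            continue  # not a break-in attempt under this pattern
        host = m.group("host")
        counts[host] += 1
        if counts[host] >= threshold and host not in reported:
            reported.add(host)
            action(host, counts[host])
    return dict(counts), reported

def run_sample(threshold=3):
    """Process the constructed log; the callback records what would be launched."""
    triggered = []
    counts, _ = monitor(SAMPLE_LOG, ATTEMPT_RE, threshold,
                        lambda host, n: triggered.append((host, n)))
    return counts, triggered

if __name__ == "__main__":
    print(run_sample())
```
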

As of version 0.2, agentsmith is able to exchange host information with other agentsmith instances running on remote hosts and thus trigger actions on remote hosts. It uses OpenSSL to accomplish this in a secure manner.

It runs on Solaris, *BSD, and Linux and requires the PCRE library and OpenSSL as external dependencies.

