Lately I have been writing a Windows client for the GNUCoMo project. The client sends events from the Windows event log and some other log files to a server. The server tries to read and comprehend all incoming information and checks if there's a portscan going on, or someone broke in to your server, etc. From what I can see, the US Army could also have used this kind of software in Iraq.


Comments powered by Disqus