SE Linux Log Support
Security Enhanced Linux (commonly known as SE Linux) offers several methods to secure what the kernel and the applications can and can't do. This can help prevent successful buffer overflow attacks from both local and remote sources. When exceptions occur, the operating system will generate logs that are processed by Tenable's Log Correlation Engine. Currently, the logs are processed and can be manually analyzed by users. Shortly though, Tenable will release a TASL script that correlates attacks detected by intrusion detection systems with system events from SE Linux servers. This will allow Tenable customers to detect more serious Linux network attack attempts.