Open source monitoring solutions like Icinga cover most of a network administrator's monitoring needs. These systems are highly customisable with various add-ons and plugins proven over years of use.
In this talk we share a selection of ideas for monitoring security-relevant activity and events with Icinga. These include reminders of outstanding maintenance operations, detection of anomalous activity, monitoring (and control) of running brute-force attacks, and most certainly the security of Web, DNS, Email and DHCP services in general.
Given an existing Icinga monitoring system (like the one we documented in our 'Nagios/Icinga Kochbuch', recently published by O'Reilly) and a lack of resources to set up a proper security monitoring solution (as is unfortunately the case under normal circumstances), why not at least improve network security by adding a few more plugins?
Following the presentation there will be a discussion where we will encourage interested individuals to propose (or even contribute) security-relevant checks that are missing. The most interesting contributions might get implemented, documented and published. Resulting plugins will be made freely available.