Sunday, August 26, 2007

Does anyone know of a good Unix security auditing tool? (for DoD projects)

“Hi, When you are looking at DoD audits, it is better to follow their documents. The Security Technical Implementation Guides (STIGs) from DISA of DoD (The Defense Information Systems Agency) list a lot of tools for these audits. For Unix audit, the recommended tool is System iNtrusion Analysis & Reporting Environment - SNARE. This toolset is open source and licensed under GPL (SNARE - http://sourceforge.net/projects/snare/). The full Unix STIG is at http://iase.disa.mil/stigs/stig/unix-stig-v5r1.pdf . This guide lists several other security tools recommended by DoD. That being said, I agree with other comments; there are a lot of low cost tools that you can utilize (starting with syslog parser scripts). Let me know if you have a specific question. Cheers, - yinal”
