search for: audit_events

Local end (receiving): 3.0.2, 3.0.3pre2 Remote end (sending): 2.6.9 Under 3.0.x, rsync sometimes prints an "Invalid argument" error when moving sockets to the backup directory (--backup-dir): rsync: mknod "/backup/machine/../machine-before-4/var/run/audit_events" failed: Invalid argument (22) The problem appears to be that, at least with sockets, keep_backup() is calling do_mknod() with garbage in the third parameter (dev). When I add some debug output to do_mknod(): printf("mknod pathname=%s, mode=%d, dev=%llu\n", pathname, mode, dev);...

http://bugzilla.mindrot.org/show_bug.cgi?id=125 dtucker at zip.com.au changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #619 is|0 |1 obsolete| | ------- Additional Comments From dtucker at zip.com.au 2004-05-31 23:25 -------

Hello, Freebsd-security. I want to create mixed audit class for ``security-sensible'' events. For example, I need to audit: exec*() syscalls from standard `pc' class, but not wait4() or fork(), because fork() is not interesting (new process image is security-sensible, not new process itself) and occurred too often and create noise. connect()/accept() from

http://bugzilla.mindrot.org/show_bug.cgi?id=125 alex.bell at bt.com changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |alex.bell at bt.com ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the

Hi Damien, I'm working with the Solaris team that is integrating openssh into upcoming Solaris releases. I'm looking for advice from the upstream community. You were suggested for that advice. If there are other mailing lists you'd like me to ask, I'm happy to do so, or if you'd like to forward, please feel free to do so. The --with-audit=bsm (audit-bsm.c) configuration

Hello, Freebsd-security. I'm grepping all sources for programs, which support audit and found strange thing: find . -name '*.c*' -print | \ grep -v -E '^./(sys|contrib/openbsm|tools/regression)' | \ xargs grep -E "\<(audit|au_)" shows, that only login(1), su(1), id(1) and sshd(1) uses audit. And even sshd(8) raise question: it doesn't call

hi, the following patch adds ssh tun support for Darwin/MacOS X (layer 2+3). I tested it with Darwin 8.0.1 x86 and MacOS X 10.4 Tiger PPC, I would like to see any tests from MacOS X users. It requires an external tun/tap driver, see below. reyk --- README.platform.orig 2006-02-13 20:22:04.000000000 -0800 +++ README.platform 2006-02-13 20:21:45.000000000 -0800 @@ -30,6 +30,18 @@ gcc,

Dear list. Has anybody had any issues with ROracle, namely consistently leading to a segmentation fault? One of our oracle databases seems to have certain issues at the moment (do not know what exactly though) and if that one is queried ROracle definitely fails with a segmentation fault. Any ideas? Here is the trace and below is also a type of query that crashes it: *** caught segfault ***

http://bugzilla.mindrot.org/show_bug.cgi?id=2 Michael.Gerdts at alcatel.com changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |Michael.Gerdts at alcatel.com ------- You are receiving this mail because: ------- You are the assignee for the bug, or are

FYI for those working with audit and intrusion detection on FreeBSD. Robert N M Watson ---------- Forwarded message ---------- Date: Mon, 5 Jun 2006 17:01:04 +0100 (BST) From: Robert Watson <rwatson@FreeBSD.org> To: current@FreeBSD.org Cc: trustedbsd-audit@TrustedBSD.org Subject: Heads up: OpenBSM 1.0a6, per-auditpipe preselection imported to CVS This is a heads up to current@ users

Hi All, I'm having an issue where SSH sessions fail if I enable the cryptodev engine for HMAC. I'd like to confirm if this is a supported configuration and if there are any known bugs. HMAC with the cryptodev engine works fine when using the openssl application directly, so I suspect that something in openssh may be the cause of the issue. I tried this initially with sshd from openssh

Author: kais Repository: /hg/zfs-crypto/gate Revision: 4c19f37f44f83def06a8aab4c0e079347eedd284 Log message: PSARC/2005/625 Greyhound - Solaris Kernel SSL proxy 4931229 Kernel-level SSL proxy Files: create: usr/src/cmd/cmd-inet/usr.sbin/kssl/kssladm/Makefile create: usr/src/cmd/cmd-inet/usr.sbin/kssl/kssladm/kssladm.c create: usr/src/cmd/cmd-inet/usr.sbin/kssl/kssladm/kssladm.h create:

https://bugzilla.mindrot.org/show_bug.cgi?id=1968 Bug #: 1968 Summary: openssh won't build with --with-audit=bsm on Solaris 11 Classification: Unclassified Product: Portable OpenSSH Version: 5.9p1 Platform: ix86 OS/Version: Solaris Status: NEW Severity: normal Priority: P2

http://bugzilla.mindrot.org/show_bug.cgi?id=974 dtucker at zip.com.au changed: What |Removed |Added ---------------------------------------------------------------------------- Severity|normal |enhancement Platform|HPPA |All Summary|Enhancement : Record |Record Badlogins for

http://bugzilla.mindrot.org/show_bug.cgi?id=125 dtucker at zip.com.au changed: What |Removed |Added ---------------------------------------------------------------------------- Severity|major |enhancement ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.

On Sun, Mar 01, 2015 at 03:23:04AM +1100, Damien Miller wrote: > > > On Sat, 28 Feb 2015, The Doctor wrote: > > > BSD/OS issues > > > > with 1.0.2a dev > > Thanks for testing. > You are welcome. > > make tests > > > > regress/netcat.c:656: `on' undeclared (first use in this function) > > regress/netcat.c:656: (Each

I don't know anything about cryptodev-linux, but I assume it's an openssl engine? If so it's possible sshd's multiprocess model and/or file descriptor handling is confusing it. It's not a configuration we test, so you're mostly on your own to debug it. It's entirely possible there's a bug there; if so, I'd expect it to be something like a fd being closed while

Hi, sifting through my system's logs, I noticed many break-in attempts by rogue ssh clients trying long lists of common passwords. For some time now I pondered different approaches to counter these, but could not come up with a solution that really satisfied me. I finally reached the conclusion that any countermeasures required support in sshd itself, and created the attached patch. If

...(compat20) { @@ -1708,11 +1714,12 @@ main(int ac, char **av) * If we use privilege separation, the unprivileged child transfers * the current keystate and exits */ +#ifdef USE_PRIVSEP if (use_privsep) { mm_send_keystate(pmonitor); exit(0); } - +#endif authenticated: #ifdef SSH_AUDIT_EVENTS audit_event(SSH_AUTH_SUCCESS); -- dwmw2

Author: jpk Repository: /hg/zfs-crypto/gate Revision: e7e07b2f4fcfbe725493f4074f9e9f0d8bfd8e1c Log message: PSARC/2002/762 Layered Trusted Solaris PSARC/2005/060 TSNET: Trusted Networking with Security Labels PSARC/2005/259 Layered Trusted Solaris Label Interfaces PSARC/2005/573 Solaris Trusted Extensions for Printing PSARC/2005/691 Trusted Extensions for Device Allocation PSARC/2005/723 Solaris