similar to: audit problems

Hello I'm a bit confused about the "tcp time stamp validation bug" mentioned in the http://www.kb.cert.org/vuls/id/637934 advisory. FreeBSD has fixed this issue in -current (2005-04-10) and in RELENG_5 (2005-04-19). Is this also already fixed in 5.4? The CVS ID for tcp_input.c does not look like this. But I'm not sure. Regards, Thomas

Hi. I'm looking at deploying a freebsd 7-release server with some storage attached to an areca ARC-1680 controller. But this card is not mentioned in 'man 4 arcmsr' (http://www.freebsd.org/cgi/man.cgi?query=arcmsr&sektion=4&manpath=FreeBSD+7.0-RELEASE). Areaca's website does mention freebsd as a supported OS (http://www.areca.com.tw/products/pcietosas1680series.htm). Has

Greetings, Well, I en devoured to install a copy of 7 as an effort to upgrade one of our servers. After installing a few ports, I began to notice: [: -le: argument expected messages being emitted during the configure/make process. I've already invested a fair amount of time on this upgrade, and /really/ don't want to wipe the disk(s) and start all over. This issue is not new to me - see

Hi, according to http://www.freebsd.org/cgi/cvsweb.cgi/src/sys/dev/amr/amr.c?only_with_tag=RELENG_6 it seems MegaMGR for linux now can work. Any experience? -- Cris, member of G.U.F.I Italian FreeBSD User Group http://www.gufi.org/

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-08.11.arc4random Security Advisory The FreeBSD Project Topic: arc4random(9) predictable sequence vulnerability Category: core Module: sys Announced:

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-08.11.arc4random Security Advisory The FreeBSD Project Topic: arc4random(9) predictable sequence vulnerability Category: core Module: sys Announced:

Hello folks - I'm running dovecot on top of qmail/vpopmail/mysql, serving up about 2500 mailboxes. Everything is running very smooth and fast.... I recently upgraded dovecot to 1.1, so I'm trying to implement some extra features like IMAP quotas. I'm using the sql passdb, with the following config: driver = mysql connect = host=/var/lib/mysql/mysql.sock user=username

On May 19, 2005, at 5:53 AM, Christian Brueffer wrote: > Hi, > > fixes for the vulnerability described in http://www.kb.cert.org/ > vuls/id/637934 > were checked in to CURRENT and RELENG_5 by ps in April. > > http://www.freebsd.org/cgi/cvsweb.cgi/src/sys/netinet/tcp_input.c > > Revisions 1.270 and 1.252.2.16 > > He didn't commit it to RELENG_5_4 for some

Hi all, I am looking at securing a web server using the FreeBSD MAC Framework. To make things clear I will call the hosted users "web users". Those are the issues I am dealing with: ** Network Security ** - Web users shouldn't be able to connect to reserved local ports apart from 25(smtp); 80(http); 443(https) and 3306(MySQL) Solution: run the web server and web users shell in

Dear All, Over the past week or so, I have spent some time updating Tom Rhodes' excellent FreeBSD Handbook chapter on Audit for some of the more recent audit changes, such as new features in more recent OpenBSM versions. Since FreeBSD 6.2-BETA2 contains what is likely the final drop of the audit code (modulo any bug fixes) for 6.2-RELEASE, now would be a great time for people interested

Hello I have some issues with OpenBSM which i cannot resolve, so i decided to ask there. 1) I found some bugs in the auditreduce utility and created patch for it - http://www.freebsd.org/cgi/query-pr.cgi?pr=114534. Please, someone from freebsd team - take it, i think its better to fix this before next release. 2) I found that when i`m using XDM as login manager with OpenBSM, all my audit

FYI for those working with audit and intrusion detection on FreeBSD. Robert N M Watson ---------- Forwarded message ---------- Date: Mon, 5 Jun 2006 17:01:04 +0100 (BST) From: Robert Watson <rwatson@FreeBSD.org> To: current@FreeBSD.org Cc: trustedbsd-audit@TrustedBSD.org Subject: Heads up: OpenBSM 1.0a6, per-auditpipe preselection imported to CVS This is a heads up to current@ users

or "How do I know my copy of FreeBSD is the same as yours?" I have recently been meditating on the issue of validating X.509 root certificates. An obvious extension to that is validating FreeBSD itself. Under "The Cutting Edge", the handbook lists 3 methods of synchronising your personal copy of FreeBSD with the Project's copy: Anonymous CVS, CTM and CVSup. There are

Greetings, I've been looking for a proper way to to track down user's activity inside the shell as I'm helping my colleague to configure a web hosting and shell hosting server. Someone have referred me to this article -- http://bsdtips.utcorp.net/mediawiki/index.php/Snoop which is using 'watch' commands to view user's activity once they logged in to the server I found

Hey guys, this was sent to the openbsd-misc mailing list tonight. It might be interesting for some people here as well. - Christian ----- Forwarded message from "Alexey E. Suslikov" <cruel@texnika.com.ua> ----- Date: Tue, 11 Jan 2005 11:36:08 +0200 From: "Alexey E. Suslikov" <cruel@texnika.com.ua> Subject: Biometric Authentication for BSD/Linux X-Mailer: The

Greetings, In order to use solaris's BSM (Basic security module) also called c2 audit, which logs specific kernel calls depending on your audit_control, I would need to use login(1) to log users exec calls and whatnot because Portable OpenSSH does not have <bsm/audit.h> support, now that would mean I would have to enable Uselogin in sshd_config in order for that to work. I am running

Hi, I download the last svn and I also look around but I cannot find the source, I only found the patch http://bugs.digium.com/print_bug_page.php?bug_id=8919 any one can help me out. thx -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.digium.com/pipermail/asterisk-users/attachments/20070209/6780fde6/attachment.htm

A few weeks back Robert Watson announced the merge of these features from 7 back into 6-STABLE. I hadn't seen any updates and was curious as to the status. Us 6-STABLE users are curious to test it out. Thanks. --A

A while back, I submitted a patch for PR kern/124621, which allows the mounting of an ext2(3) filesystem created with an inode size other than 128. The e2fsprogs' default is now 256, so file systems created on newer Linux distributions or with the port will not be mountable. I was hopeful this would get committed in time for 7.1-RELEASE (and 6.4-RELEASE), however the PR remains open. If

So I'm exploring AUDIT and have this in /etc/security/audit_control: dir:/var/audit flags:lo,fd minfree:20 naflags:lo policy:cnt filesz:0 I tell auditd to reread the config file with audit -s but no file deletion events are logged. I change the config file to: dir:/var/audit flags:lo minfree:20 naflags:lo,fd policy:cnt filesz:0 I type audit -s and am immediately flooded with 20 kilobytes