similar to: Status of MFC security event audit support in RELENG_6?

Displaying 20 results from an estimated 2000 matches similar to: "Status of MFC security event audit support in RELENG_6?"

2006 Aug 16
1
Warning: MFC of security event audit support RELENG_6 in the next 2-3 weeks
Dear 6-STABLE users, In the next 2-3 weeks, I plan to MFC support for CAPP security eventing auditing from 7-CURRENT to 6-STABLE. The implementation has been running quite nicely in -CURRENT for several months. Right now, I'm just waiting on a confirmation from Sun regarding formal allocation of a BSM header version number so as to avoid accidental version number conflicts in the
2006 Aug 16
1
Warning: MFC of security event audit support RELENG_6 in the next 2-3 weeks
Dear 6-STABLE users, In the next 2-3 weeks, I plan to MFC support for CAPP security eventing auditing from 7-CURRENT to 6-STABLE. The implementation has been running quite nicely in -CURRENT for several months. Right now, I'm just waiting on a confirmation from Sun regarding formal allocation of a BSM header version number so as to avoid accidental version number conflicts in the
2007 Feb 08
1
audit problems
Hi! I'm experiencing some problems configuring audit on 6.2-RELEASE system. It doesn't seem to log anything except login messages. The only thing I've modified in config is the root user specification in audit_users. Now it looks like this: root:lo,ex,fw,fc:no However nor ex, non fw or fc messages doesn't get into the log. Furthermore, deleting lo from audit_users and
2007 Oct 28
6
MFC requests for 6.3
I would like to request that some useful work on networking be MFCed from -CURRENT to -STABLE in time for the release of FreeBSD 6.3. In particular, I'd like to see some of the Netgraph nodes which are new or which have seen extensive development brought in -- ng_nat and ng_car in particular. Bringing in the latest version of ng_nat would allow more flexible in-kernel NAT, while ng_car (which
2006 Sep 14
6
sshd audit not happy with ssh1 and scp
I think I've found a bug with sshd handling audit events for commands (like scp) over ssh1 connections. Specifically, after updating to a recent FreeBSD 6.x with audit support, I'm getting log messages like these when using scp over ssh1: Sep 12 14:13:16 <auth.info> bm55 sshd[12335]: Accepted rsa for xxx from A.B.C.D port 2981 Sep 12 14:13:16 <auth.crit> bm55 sshd[12335]:
2006 Oct 02
0
Audit handbook chapter review, call for general testing
Dear All, Over the past week or so, I have spent some time updating Tom Rhodes' excellent FreeBSD Handbook chapter on Audit for some of the more recent audit changes, such as new features in more recent OpenBSM versions. Since FreeBSD 6.2-BETA2 contains what is likely the final drop of the audit code (modulo any bug fixes) for 6.2-RELEASE, now would be a great time for people interested
2007 Jul 14
2
OpenBSM questions
Hello I have some issues with OpenBSM which i cannot resolve, so i decided to ask there. 1) I found some bugs in the auditreduce utility and created patch for it - http://www.freebsd.org/cgi/query-pr.cgi?pr=114534. Please, someone from freebsd team - take it, i think its better to fix this before next release. 2) I found that when i`m using XDM as login manager with OpenBSM, all my audit
2008 Jun 03
2
[releng_6 tinderbox] failure on i386/i386
TB --- 2008-06-03 08:42:30 - tinderbox 2.3 running on freebsd-legacy.sentex.ca TB --- 2008-06-03 08:42:30 - starting RELENG_6 tinderbox run for i386/i386 TB --- 2008-06-03 08:42:30 - cleaning the object tree TB --- 2008-06-03 08:43:09 - cvsupping the source tree TB --- 2008-06-03 08:43:09 - /usr/bin/csup -r 3 -g -L 1 -h localhost -s /tinderbox/RELENG_6/i386/i386/supfile TB --- 2008-06-03 08:43:22
2008 May 14
1
RELENG_6 regression: panic: vm_fault on nofault entry, addr: c8000000
Hi, there's a regression going from 6.2 to 6.3, where it will panic upon booting the kernel within vm_fault. This problem has been discussed before, but I'm seeing it reliably on a RELENG_6 checkout from 5th of May. It affects multiple (but identical) systems, here's an verbose boot leading to the panic. Please note that 6.2 was running fine on these machines, they also boot
2006 Apr 19
1
ypwhich -m
Hi, I found that ypwhich -m does not work on 6.1-RC, it shows ypwhich: can't find the master of `?`: reason: No such map in server's domain IIRC, there was a commit last year to fix this. After some search, I think it is include/rpcsvc/yp_prot.h revision 1.13 done by peter@ (CC'ed). As far as I can tell, ypwhich -m is also broken on 5.4 and 5.5-PRERELEASE. I have tested that
2007 Aug 23
3
RELENG_6_2 EoL Date?
I'm curious about the estimated EoL date on 6.2-RELEASE. Current estimate is listed as Jan 31 2008. That's just about 5 months away now. Suggestions for those who are about to be EoL'ed? Thanks.
2013 Jan 06
2
audit events confusion
On a rather full customer web server, I am trying to track down whose web site script is trying to make outbound network connections when they should not be. In /etc/security/audit_control, I added to the flags line dir:/var/audit flags:lo,aa,-nt minfree:5 to log failed network connection. When I try an make an outbound connection to something that is blocked in pf, it seems to sometimes work.
2006 Mar 23
0
strange deadlock and magic resurrection with RELENG_6
Hi, I'm using a recent RELENG_6 under I386/SMP (Athlon X2 4800+). dmesg output is under http://people.freebsd.org/~mr/dmesg.log.gz Root is on gmirror volume (2 SATA disks), a backup FS is on graid3 (5 firewire disks). This server acts as an bacula server. During backup with bacula I discovered an complete system freeze (no keyboard, nfs, disk...) after the following lines on the screen: ...
2006 Jun 05
0
Heads up: OpenBSM 1.0a6, per-auditpipe preselection imported to CVS (fwd)
FYI for those working with audit and intrusion detection on FreeBSD. Robert N M Watson ---------- Forwarded message ---------- Date: Mon, 5 Jun 2006 17:01:04 +0100 (BST) From: Robert Watson <rwatson@FreeBSD.org> To: current@FreeBSD.org Cc: trustedbsd-audit@TrustedBSD.org Subject: Heads up: OpenBSM 1.0a6, per-auditpipe preselection imported to CVS This is a heads up to current@ users
2007 Jan 30
1
What about BIND 9.3.4 in FreeBSD in base system ?
http://www.isc.org/sw/bind/view/?release=9.3.4 SECURITY ADVISORIES * CVE-2006-4095 CERT Vulnerability Note VU#915404 NISCC 172003 * CVE-2006-4096 CERT Vulnerability Note VU#697164 NISCC 172003 * CAN-2005-0034 NISCC-UNIRAS 20050125-00059 CERT Vulnerability Note VU#938617 [ODiP] == Dmitry Grigorovich
2006 Feb 02
0
HEADS UP: Audit integration into CVS in progress, some tree disruption (fwd)
FYI, since this is probably of interest to subscribers of this mailing list also. Robert N M Watson ---------- Forwarded message ---------- Date: Wed, 1 Feb 2006 22:55:40 +0000 (GMT) From: Robert Watson <rwatson@FreeBSD.org> To: Julian Elischer <julian@elischer.org> Cc: trustedbsd-audit@TrustedBSD.org, K?vesd?n G?bor <gabor.kovesdan@t-hosting.hu>, current@freebsd.org
2008 Sep 17
1
ACPI "blacklist" question
Hello, I have recently updated a machine to 7-stable. ACPI doesn't seem to work correctly on this machine. With earlier versions of FreeBSD (including the latest RELENG_6), I got this line in dmesg: ACPI disabled by blacklist. Contact your BIOS vendor. And everything was fine. The box runs perfectly well with ACPI disabled. (I can't get a BIOS update because the mainboard is too
2000 Dec 17
2
Portable OpenSSH Solaris UseLogin Issue
Greetings, In order to use solaris's BSM (Basic security module) also called c2 audit, which logs specific kernel calls depending on your audit_control, I would need to use login(1) to log users exec calls and whatnot because Portable OpenSSH does not have <bsm/audit.h> support, now that would mean I would have to enable Uselogin in sshd_config in order for that to work. I am running
2008 Jun 03
0
[releng_6 tinderbox] failure on sparc64/sparc64
TB --- 2008-06-03 09:06:24 - tinderbox 2.3 running on freebsd-legacy.sentex.ca TB --- 2008-06-03 09:06:24 - starting RELENG_6 tinderbox run for sparc64/sparc64 TB --- 2008-06-03 09:06:24 - cleaning the object tree TB --- 2008-06-03 09:06:55 - cvsupping the source tree TB --- 2008-06-03 09:06:55 - /usr/bin/csup -r 3 -g -L 1 -h localhost -s /tinderbox/RELENG_6/sparc64/sparc64/supfile TB ---
2007 Aug 02
1
Fw: FreeBSD Security Advisory FreeBSD-SA-07:07.bind
> John Freeman wrote: > >> Same problem on AMD64 build. I'm too lazy to attach full text, this >> system doesn't use bind and jail. > > What branch are you tracking? > > Doug > 6.2 STABLE (RELENG_6 latest cvs) amd64 -