similar to: FYI: TrustedBSD at BSDCan (fwd)

FYI for those working with audit and intrusion detection on FreeBSD. Robert N M Watson ---------- Forwarded message ---------- Date: Mon, 5 Jun 2006 17:01:04 +0100 (BST) From: Robert Watson <rwatson@FreeBSD.org> To: current@FreeBSD.org Cc: trustedbsd-audit@TrustedBSD.org Subject: Heads up: OpenBSM 1.0a6, per-auditpipe preselection imported to CVS This is a heads up to current@ users

Dear 6-STABLE users, In the next 2-3 weeks, I plan to MFC support for CAPP security eventing auditing from 7-CURRENT to 6-STABLE. The implementation has been running quite nicely in -CURRENT for several months. Right now, I'm just waiting on a confirmation from Sun regarding formal allocation of a BSM header version number so as to avoid accidental version number conflicts in the

Dear 6-STABLE users, In the next 2-3 weeks, I plan to MFC support for CAPP security eventing auditing from 7-CURRENT to 6-STABLE. The implementation has been running quite nicely in -CURRENT for several months. Right now, I'm just waiting on a confirmation from Sun regarding formal allocation of a BSM header version number so as to avoid accidental version number conflicts in the

FYI, since this is probably of interest to subscribers of this mailing list also. Robert N M Watson ---------- Forwarded message ---------- Date: Wed, 1 Feb 2006 22:55:40 +0000 (GMT) From: Robert Watson <rwatson@FreeBSD.org> To: Julian Elischer <julian@elischer.org> Cc: trustedbsd-audit@TrustedBSD.org, K?vesd?n G?bor <gabor.kovesdan@t-hosting.hu>, current@freebsd.org

I am proud to announce that BSDCan 2008 registration is now open. http://www.bsdcan.org/2008/registration.php We have added a new tutorial to the schedule: http://www.bsdcan.org/2008/schedule/events/107.en.html Wireless networking facilities in FreeBSD. Hands-on experience setting up and inspecting wireless networks. - Sam Leffler Also, BSDCan 2008 will be the first BSD conference

The list of talks and speakers for BSDcan 2011 has been released. For 2011, we once again have a strong collection of talks that will appeal to a wide range of attendees. Registration will open later this week. Be sure to start making your travel plans. http://www.bsdcan.org/2011/schedule/ We also have a Facebook and Twitter pages. Please help us to spread the word.

Hello I have some issues with OpenBSM which i cannot resolve, so i decided to ask there. 1) I found some bugs in the auditreduce utility and created patch for it - http://www.freebsd.org/cgi/query-pr.cgi?pr=114534. Please, someone from freebsd team - take it, i think its better to fix this before next release. 2) I found that when i`m using XDM as login manager with OpenBSM, all my audit

Dear All, Over the past week or so, I have spent some time updating Tom Rhodes' excellent FreeBSD Handbook chapter on Audit for some of the more recent audit changes, such as new features in more recent OpenBSM versions. Since FreeBSD 6.2-BETA2 contains what is likely the final drop of the audit code (modulo any bug fixes) for 6.2-RELEASE, now would be a great time for people interested

Calling all FreeBSD developers needing assistance with travel expenses to BSDCan 2008. The FreeBSD Foundation will be providing a limited number of travel grants to individuals requesting assistance. Please fill out and submit the Travel Grant Request Application at www.freebsdfoundation.org/documents/ by April 1, 2008 to apply for this grant. We have increased our travel grant budget for 2008!

The FreeBSD Project is pleased to announce its participation in the Google "Summer of Code" program designed to introduce students to open source software development. The FreeBSD Project received over 350 applications, amongst which 18 projects have been selected for funding. Unfortunately, due to the limited number of spots available, we were unable to fund many first rate

Exactly what I need. I am so glad that you read the forum. Thanks a lot. ----- Original Message ----- From: "Robert Watson" <rwatson@FreeBSD.org> To: "Georgi Hristov" <hristov@iocc.com> Sent: Thursday, June 26, 2003 10:44 AM Subject: Re: SysLog Manipulation | On Thu, 26 Jun 2003, Georgi Hristov wrote: | | > About what time did you merge it ... I may have

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 I did a cvsup for RELENG_7 earlier today. # uname -a FreeBSD polo.example.org 7.1-STABLE FreeBSD 7.1-STABLE #8: Sat Apr 11 18:50:17 EDT 2009 dan@polo.example.org:/usr/obj/usr/src/sys/PHENOM amd64 No idea what went wrong here. Clues please. cc -c -O2 -frename-registers -pipe -fno-strict-aliasing -std=c99 -g - -Wall -Wredundant-decls

FYI, I'm now looking for work. My resume: http://www.freebsddiary.org/dan_langille.php -- Dan Langille BSDCan - The Technical BSD Conference : http://www.bsdcan.org/ PGCon - The PostgreSQL Conference: http://www.pgcon.org/

On Wed, 2 Jan 2002, John Hay wrote: > Well I can accept your argument for -stable, although bigger changes has > gone in -stable in the past, but what about -current? My -current boxes > also still claim: "sshd version OpenSSH_2.9 FreeBSD localisations > 20011202" And this is the problem, if we don't have -current upgraded > we have little chance in getting wrinkles

Hi folks, I've been working on getting my WiFi network running with IPsec. I'm at the point where all traffic on the wifi subnet is encrypted (i.e. ESP). Then I tried to add AH to the equation. I failed. This picture describes the network setup: http://beta.freebsddiary.org/images/ipsec-wireless.gif Here's what I'm trying and failing with. With these rules, I get no

Hello Everyone! It has been my pleasure and privilege to serve as the FreeBSD Security Officer for the past 3+ years. With the crucial support of the FreeBSD Security Team members, a lot has been accomplished: hundreds of security issues have been researched and tracked, with some resulting in security advisories and patches; software in the Ports Collection are updated more quickly

Hi, When I use FreeBSD-6.0 Release (also FreeBSD-5.4), I found IPSEC can't coexists with MAC. When the IpSec is setup, and we connects the TCP server with IPSEC and MAC support, the server innevitably crack. Because the m_pkthdr of some mbuf is mangled by unknown reasons. Following is my kernel configuration: options MAC options MAC_DEBUG options UFS_EXTATTR options

Hi all, After looking at the LDA/Sendmail page in the dovecot wiki, I wanted to contribute another method to easily configure Sendmail to use deliver. Instead of adding a new mailer definition, as already suggested, one can simply use the following line in their sendmail.mc file instead: FEATURE(`local_procmail', `/usr/libexec/dovecot/deliver', `deliver -d $u',

Recently I was looking up LLVM on net and I stumbled upon a pdf called "2008-05-17-BSDCan-LLVMIntro.pdf". What makes this somewhat general introduction to llvm interesting for me is the fact that it mentions (on page 30 if you are curious) that it supports "Type Checking and Semantic Analysis - Builds Abstract Syntax Trees (AST) for valid input"!!! I find this surprising

I would like to know that there is or is not a way to prevent users from executing binaries that are not owned by root or that the user is in a particular group. Is this something I can achieve with TrustedBSD's MAC framework?