Displaying 20 results from an estimated 1000 matches similar to: "mtree vs tripwire"
2004 Jan 11
5
BSD-licensed IDS/IDP Software?
I seem to remember seeing somewhere (on this list/on the web -- don't
remember) that there was some ``Snort-like'' software that was available under
the BSD license. Unfortunately, I'm unable to find any information about such
software. Was I dreaming, or can anybody else jog my memory? :)
Kind regards,
Devon H. O'Dell
2003 Oct 03
6
FreeBSD Security Advisory FreeBSD-SA-03:18.openssl
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
=============================================================================
FreeBSD-SA-03:18.openssl Security Advisory
The FreeBSD Project
Topic: OpenSSL vulnerabilities in ASN.1 parsing
Category: crypto
Module: openssl
Announced:
2003 Mar 26
2
what actually uses xdr_mem.c?
In regards to FreeBSD-SA-03:05.xdr, does anyone know which static binaries
or tools under /bin or /sbin actually use that problem code?
The recent XDR fixes the xdrmem_getlong_aligned(),
xdrmem_putlong_aligned(), xdrmem_getlong_unaligned(),
xdrmem_putlong_unaligned(), xdrmem_getbytes(), and/or xdrmem_putbytes()
functions, but it is difficult to know what uses these (going backwards
manually).
2004 May 11
3
quick FW question
I hope this isn't too off topic, but I'd like a quick solution to a
problem.
I have a small network behind a NAT firewall (FreeBSD of course) and I'd
like to block/redirect all traffic from the internal network to the
local mail server (same box as firewall) in order to prevent direct smtp
requests to the outside world (mainly virus/trokan programs).
I think I have it right in this
2003 Apr 01
1
LOG_AUTHPRIV and the default syslog.conf
Hello,
Some time ago I wrote PR conf/48170, which discussed
the following problem:
Syslog messages of facility LOG_AUTHPRIV and priority LOG_NOTICE
(or higher) are sent by default to the world-readable log file
/var/log/messages. That seems unacceptable since the facility
LOG_AUTHPRIV is for hiding sensitive log messages inside a protected
file, e.g., /var/log/auth.log.
For example, login(1)
2003 Jul 26
5
suid bit files + securing FreeBSD
Hello everybody,
I'm a newbie in this list, so I don't know if it's the appropriate place
for my question. Anyway, I'd be happy to find out the solution.
Please, has anyone simple answer for:
I'm looking for an exact list of files, which:
1. MUST have...
2. HAVE FROM BSD INSTALLATION...
3. DO NOT NEED...
4. NEVER MAY...
...the suid-bit set.
Of course, it's no problem to
2004 Feb 26
3
Environment Poisoning and login -p
There's been an ongoing discussion (started by
Colin Percival's recent work on nologin) about
environment-poisoning attacks via "login -p".
I thought I saw a way to address this, but the more I learn,
the uglier this looks. Maybe some of the good folks who read
freebsd-security can puzzle this one out:
Problem: login -p can be used to propagate environment flags
in order to
2003 Oct 02
3
HEADS UP: upcoming security advisories
Hello Folks,
Just a status on upcoming advisories.
FreeBSD-SA-03:15.openssh
This is in final review and should be released today. Fixes
for this issue entered the tree on September 24. I apologize
for the delay in getting this one out.
FreeBSD-SA-03:16.filedesc
A reference counting bug was discovered that could lead to
kernel memory disclosure or a system panic.
2004 Feb 29
5
mbuf vulnerability
In
http://docs.freebsd.org/cgi/mid.cgi?200402260743.IAA18903
it seems RELENG_4 is vulnerable. Is there any work around to a system that
has to have ports open ?
Version: 1 2/18/2004@03:47:29 GMT
>Initial report
>
<<https://ialert.idefense.com/KODetails.jhtml?irId=207650>https://ialert.idefense.com/KODetails.jhtml?irId=207650;
>ID#207650:
>FreeBSD Memory Buffer
2003 Mar 29
1
Security fix (Fwd: sendmail 8.12.9 available
From bugtraq :-(
>-----BEGIN PGP SIGNED MESSAGE-----
>
>Sendmail, Inc., and the Sendmail Consortium announce the availability
>of sendmail 8.12.9. It contains a fix for a critical security
>problem discovered by Michal Zalewski whom we thank for bringing
>this problem to our attention. Sendmail urges all users to either
>upgrade to sendmail 8.12.9 or apply a patch for
2003 Sep 23
3
OpenSSH: multiple vulnerabilities in the new PAM code
This affects only 3.7p1 and 3.7.1p1. The advice to leave
PAM disabled is far from heartening, nor is the semi-lame
blaming the PAM spec for implementation bugs.
I happen to like OPIE for remote access.
Subject: Portable OpenSSH Security Advisory: sshpam.adv
This document can be found at: http://www.openssh.com/txt/sshpam.adv
1. Versions affected:
Portable OpenSSH versions 3.7p1
2004 Apr 17
7
Is log_in_vain really good or really bad?
Heya..
Yesterday someone "attacked" by box by connection to several ports.. In
other words, a simple portscan.. yet, since my box has "log_in_vain"
enabled, so it tries to log everything to /var/log/messages, since the
logfile got full and the size went over 100K, it tried to rotate the log
to save diskspace.
(Apr 16 21:00:00 omikron newsyslog[32137]: logfile turned over due
2008 Jan 13
3
Anti-Rootkit app
Hi all,
I need to install an anti-rootkid in a lot of servers. I know that
there're several options: tripwire, aide, chkrootkit...
?What do you prefer?
Obviously, I have to define my needs:
- easy setup and configuration
- actively developed
--
Thanks,
Jordi Espasa Clofent
2004 Jan 26
6
Kernel modules listing
Hi all,
please, is there some utility/command/... to list all installed kernel
modules ?
Peter Rosa
2003 Sep 16
9
OpenSSH heads-up
OK, an official OpenSSH advisory was released, see here:
<URL: http://www.mindrot.org/pipermail/openssh-unix-announce/2003-September/000063.html >
The fix is currently in FreeBSD -CURRENT and -STABLE. It will be
applied to the security branches as well today. Attached are patches:
buffer46.patch -- For FreeBSD 4.6-RELEASE and later
buffer45.patch -- For FreeBSD 4.5-RELEASE and
2008 Dec 23
4
tripwire on centos 5
Does anybody use tripwire on centos 5? Has anybody checked that: http://www.linickx.com/archives/281/tripwire-2411-rpm-for-centos-redhat-rhel-4 on centos5?
M.
--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
2006 Jun 30
1
Determining vulnerability to issues described by SAs
Hi,
I've been trying for the past few days to come up with a method for
checking a FreeBSD system to see if it is vulnerable to an issue
described by a FreeBSD security advisory in some automated way, similar
to the way portaudit can use VuXML to check for vulnerabilities in
ports. Right now, I'm a bit stuck--there seem to be fairly major issues
with all the methods I've come up
2009 Nov 04
3
Tripwire Question
I'm trying to run tripwire on a RHEL 5.4 box. I'm new to it.
I'm getting errors:
The object: "/ora" is on a different file system...ignoring.
For one thing, it's not a different file system. It's not any different than the root partition, that tripwire will monitor. And I want tripwire to monitor it.
I've been googling around, and have seen this error in
2006 Jun 14
3
Tripwire for CentOS
Hi,
I literally have about 36 machines running CentOS on a private network,
and will probably change the remaining 30 or so away from Whitebox or RH
in the near term.
One thing I just noticed was when I tried to search out Tripwire RPM's,
that none seemed evident.
Can anyone point me in the direction of an Tripwire RPM that works with
CentOS 4.3, or advise me on how to create one from the
2005 Jan 19
3
tripwire
Is there a redhat or contrib RPM for tripwire?
I looked and didn't find one, but may not have been looking in the
right place.
Zebee