Re: Distributed audit daemon committed (was: svn commit: r243752 - in head: etc etc/defaults etc/mail etc/mtree etc/rc.d share/man/man4 usr.sbin usr.sbin/auditdistd (fwd))

From: Fbsd8 <fbsd8_at_a1poweruser.com>
Date: Sun, 02 Dec 2012 09:21:15 -0500
Robert Watson wrote:
> 
> Dear all:
> 
> I've now committed the build glue required to install the recently 
> merged Audit Distribution Daemon (auditdistd) contributed by the Pawel 
> Dawidek, and sponsored by the FreeBSD Foundation.  This allows 
> individual hosts generating audit trails to submit trails to a central 
> audit server for review and safe keeping.  Part of the goal is to ensure 
> that a host submitting trail data can't later modify the trails.  Pawel 
> uses a variety of useful security- and resilience-related features such 
> as TLS, Capsicum, etc, in auditdistd.  As the recent security incident 
> in the FreeBSD.org cluster illustrated, having reliable and detailed 
> audit trails makes a big difference in forensic work, and hopefully this 
> will allow the FreeBSD Project (and our users) to do that better in the 
> future.
> 
> Robert N M Watson
> Computer Laboratory
> University of Cambridge
> 

Is auditdistd going to be included in the base system as of 10.0-RELEASE
or be a port that runs on 10.0-RELEASE and newer?
Received on Sun Dec 02 2012 - 13:21:19 UTC

This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:40:32 UTC