Robert Watson wrote:
Dear all:
I've now committed the build glue required to install the recently
merged Audit Distribution Daemon (auditdistd) contributed by the Pawel
Dawidek, and sponsored by the FreeBSD Foundation. This allows
individual hosts generating audit trails to submit trails to a central
audit server for review and safe keeping. Part of the goal is to ensure
that a host submitting trail data can't later modify the trails. Pawel
uses a variety of useful security- and resilience-related features such
as TLS, Capsicum, etc, in auditdistd. As the recent security incident
in the FreeBSD.org cluster illustrated, having reliable and detailed
audit trails makes a big difference in forensic work, and hopefully this
will allow the FreeBSD Project (and our users) to do that better in the
future.
Robert N M Watson
Computer Laboratory
University of Cambridge
Is auditdistd going to be included in the base system as of 10.0-RELEASE
or be a port that runs on 10.0-RELEASE and newer?
_______________________________________________
freebsd-current@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-current
To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"
