Re: Audit tools?
On Sun, Apr 24, 2005 at 01:08:55PM -0700, Jay O'Brien wrote: > Erik Trulsson wrote: > > > On Sun, Apr 24, 2005 at 08:02:39AM -0700, Jay O'Brien wrote: > > > >>What are the tools that I should use to audit an existing > >>FreeBSD installation? Without changing anything, I wish > >>to quickly determine what is installed, i.e., the basic > >>system, ports and packages, and then to compare what is > >>installed to the currently available versions. > > > > > > For ports/packages you can use pkg_info(1) to see what is installed, > > and pkg_version(1) to compare what is installed to what is in the ports > > tree. For packages: ls /var/db/pkg/ will show you what's installed. For the base system, you'll have to look at /etc/make.conf and the kernel configuration file. The kernel configuration (default is /usr/src/sys/ARCH/conf/GENERIC, where ARCH is i386, amd64, alpha etc) file determines what's being built into the kernel. By setting variables in make.conf, you can determine what's going to be built in the next buildworld. For instance, if you set NO_BLUETOOTH=true in make.conf, programs and modules relating to bluetooth will not be built. See 'man make.conf' for a list of settings. Roland -- R.F. Smith /"\ASCII Ribbon Campaign r s m i t h @ x s 4 a l l . n l \ /No HTML/RTF in e-mail http://www.xs4all.nl/~rsmith/ X No Word docs in e-mail public key: http://www.keyserver.net / \Respect for open standards pgpCwQ3FDZjO0.pgp Description: PGP signature
Re: Audit tools?
Clifton Royston wrote: > On Sun, Apr 24, 2005 at 01:08:55PM -0700, Jay O'Brien wrote: > >>Erik Trulsson wrote: >> >>>On Sun, Apr 24, 2005 at 08:02:39AM -0700, Jay O'Brien wrote: >>> What are the tools that I should use to audit an existing FreeBSD installation? Without changing anything, I wish to quickly determine what is installed, i.e., the basic system, ports and packages, and then to compare what is installed to the currently available versions. >>> >>>For ports/packages you can use pkg_info(1) to see what is installed, >>>and pkg_version(1) to compare what is installed to what is in the ports >>>tree. >>> >>>For the base system there is no corresponding way to see what is >>>installed or not. 'uname -a' will show which version of FreeBSD is >>>installed, but after that you will have to check manually to see if all >>>components are installed or not. >> >>Erik, >>Thanks; I was hoping that there were some additional tools that >>I hadn't found so far. At least you have confirmed that I'm >>following a reasonable procedure. >>Jay > > > You can check out the portupdate package, but of course if it's not > already installed, it doesn't meet your criteria of "without changing > anything." > > BTW, the above discussion is assuming you mean audit in the "taking > an inventory" sense. If you're talking about audit in the security > sense, the above doesn't do it, and you need to look at tools like > mtree (should be there as built-in), Tripwire (extra package), etc. > > -- Clifton > Clifton, You are right, I wasn't specific enough. By audit, I mean "taking an inventory", not looking for security holes. Thanks for your input! Jay ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Audit tools?
On Sun, Apr 24, 2005 at 01:08:55PM -0700, Jay O'Brien wrote: > Erik Trulsson wrote: > > On Sun, Apr 24, 2005 at 08:02:39AM -0700, Jay O'Brien wrote: > >>What are the tools that I should use to audit an existing > >>FreeBSD installation? Without changing anything, I wish > >>to quickly determine what is installed, i.e., the basic > >>system, ports and packages, and then to compare what is > >>installed to the currently available versions. > > > > For ports/packages you can use pkg_info(1) to see what is installed, > > and pkg_version(1) to compare what is installed to what is in the ports > > tree. > > > > For the base system there is no corresponding way to see what is > > installed or not. 'uname -a' will show which version of FreeBSD is > > installed, but after that you will have to check manually to see if all > > components are installed or not. > Erik, > Thanks; I was hoping that there were some additional tools that > I hadn't found so far. At least you have confirmed that I'm > following a reasonable procedure. > Jay You can check out the portupdate package, but of course if it's not already installed, it doesn't meet your criteria of "without changing anything." BTW, the above discussion is assuming you mean audit in the "taking an inventory" sense. If you're talking about audit in the security sense, the above doesn't do it, and you need to look at tools like mtree (should be there as built-in), Tripwire (extra package), etc. -- Clifton -- Clifton Royston -- [EMAIL PROTECTED] Tiki Technologies Lead Programmer/Software Architect "I'm gonna tell my son to grow up pretty as the grass is green And whip-smart as the English Channel's wide..." -- 'Whip-Smart', Liz Phair ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Audit tools?
Erik Trulsson wrote: > On Sun, Apr 24, 2005 at 08:02:39AM -0700, Jay O'Brien wrote: > >>What are the tools that I should use to audit an existing >>FreeBSD installation? Without changing anything, I wish >>to quickly determine what is installed, i.e., the basic >>system, ports and packages, and then to compare what is >>installed to the currently available versions. > > > For ports/packages you can use pkg_info(1) to see what is installed, > and pkg_version(1) to compare what is installed to what is in the ports > tree. > > For the base system there is no corresponding way to see what is > installed or not. 'uname -a' will show which version of FreeBSD is > installed, but after that you will have to check manually to see if all > components are installed or not. > > Erik, Thanks; I was hoping that there were some additional tools that I hadn't found so far. At least you have confirmed that I'm following a reasonable procedure. Jay ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Audit tools?
On Sun, Apr 24, 2005 at 08:02:39AM -0700, Jay O'Brien wrote: > What are the tools that I should use to audit an existing > FreeBSD installation? Without changing anything, I wish > to quickly determine what is installed, i.e., the basic > system, ports and packages, and then to compare what is > installed to the currently available versions. For ports/packages you can use pkg_info(1) to see what is installed, and pkg_version(1) to compare what is installed to what is in the ports tree. For the base system there is no corresponding way to see what is installed or not. 'uname -a' will show which version of FreeBSD is installed, but after that you will have to check manually to see if all components are installed or not. -- Erik Trulsson [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"