Date: Mon, 20 Sep 1999 08:41:14 -0700 (PDT) From: "Rodney W. Grimes" <freebsd@gndrsh.dnsmgr.net> To: robert+freebsd@cyrus.watson.org (Robert Watson) Cc: security@FreeBSD.ORG Subject: Re: Real-time alarms Message-ID: <199909201541.IAA59140@gndrsh.dnsmgr.net> In-Reply-To: <Pine.BSF.3.96.990920112110.42321B-100000@fledge.watson.org> from Robert Watson at "Sep 20, 1999 11:33:57 am"
next in thread | previous in thread | raw e-mail | index | archive | help
> > I'd advise against developing any more codebases for auditing--we already > have two :-). I have a /dev/audit, submission of records from a number of > syscalls, an auditd + IDS interface, and some log management code. Nate's > folk are working on a better kernel interface and implementation, as was > discussed on freebsd-security in July (please see archive for details). > My userland library currently supports most of the posix.1e audit > interface spec, and I have a set of posix.1e extensions for IDS modules. > My hope is to adapt my auditd to speak Nate's kernel improvements, but > continue to provide a standard interface and useful tools/etc. URL to source code please... and I already pointed out that we need to at least look at what is out there. -- Rod Grimes - KD7CAX - (RWG25) rgrimes@gndrsh.dnsmgr.net To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199909201541.IAA59140>