Date: Wed, 16 Aug 2000 16:30:50 -0700 (PDT) From: Kris Kennaway <kris@FreeBSD.org> To: Mike Silbersack <silby@silby.com> Cc: security@freebsd.org Subject: Re: Hilighting dangerous ports Message-ID: <Pine.BSF.4.21.0008161628130.28154-100000@freefall.freebsd.org> In-Reply-To: <Pine.BSF.4.21.0008161822250.14500-100000@achilles.silby.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, 16 Aug 2000, Mike Silbersack wrote:
> Any way this could be mailed to root as well, or incorporated into that
> day's security log? I find when I'm installing ports, I tend to zoom by
> all the messages. However, if the info was (in addition) mailed to me,
> I'd be more likely to pay attention.
The setuid files will show up in the daily report.
More useful than reporting startup scripts would probably be a list of
current programs which are listening on sockets (from sockstat or
whatever) - or do you think etc/rc.d changes are also worthwhile?
I've got an improved /etc/security script which I'm working on at the
moment - I'll look at optionally adding this to the report as well.
Kris
--
In God we Trust -- all others must submit an X.509 certificate.
-- Charles Forsythe <forsythe@alum.mit.edu>
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.21.0008161628130.28154-100000>