From owner-freebsd-current@FreeBSD.ORG Mon Dec 17 12:51:21 2012 Return-Path: Delivered-To: current@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 8A03D8A6; Mon, 17 Dec 2012 12:51:21 +0000 (UTC) (envelope-from hugo@barafranca.com) Received: from mail.barafranca.com (mail.barafranca.com [67.213.67.47]) by mx1.freebsd.org (Postfix) with ESMTP id 5494E8FC12; Mon, 17 Dec 2012 12:51:21 +0000 (UTC) Received: from localhost (unknown [172.16.100.24]) by mail.barafranca.com (Postfix) with ESMTP id B26358BE; Mon, 17 Dec 2012 12:43:16 +0000 (UTC) X-Virus-Scanned: amavisd-new at barafranca.com Received: from mail.barafranca.com ([172.16.100.24]) by localhost (mail.barafranca.com [172.16.100.24]) (amavisd-new, port 10024) with ESMTP id GLtM4nmvmp1C; Mon, 17 Dec 2012 12:42:37 +0000 (UTC) Received: from [192.168.1.1] (a89-152-58-56.cpe.netcabo.pt [89.152.58.56]) (using TLSv1 with cipher DHE-RSA-CAMELLIA256-SHA (256/256 bits)) (No client certificate requested) by mail.barafranca.com (Postfix) with ESMTPSA id BA2438BD; Mon, 17 Dec 2012 12:42:36 +0000 (UTC) Message-ID: <50CF132A.9020804@barafranca.com> Date: Mon, 17 Dec 2012 12:42:18 +0000 From: Hugo Silva User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.2.13) Gecko/20101208 Thunderbird/3.1.7 MIME-Version: 1.0 To: Robert Watson Subject: Re: Distributed audit daemon committed (was: svn commit: r243752 - in head: etc etc/defaults etc/mail etc/mtree etc/rc.d share/man/man4 usr.sbin usr.sbin/auditdistd (fwd)) References: In-Reply-To: Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Cc: current@FreeBSD.org X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 17 Dec 2012 12:51:21 -0000 On 12/01/12 15:15, Robert Watson wrote: > > Dear all: > > I've now committed the build glue required to install the recently > merged Audit Distribution Daemon (auditdistd) contributed by the Pawel > Dawidek, and sponsored by the FreeBSD Foundation. This allows > individual hosts generating audit trails to submit trails to a central > audit server for review and safe keeping. Part of the goal is to ensure > that a host submitting trail data can't later modify the trails. Pawel > uses a variety of useful security- and resilience-related features such > as TLS, Capsicum, etc, in auditdistd. As the recent security incident > in the FreeBSD.org cluster illustrated, having reliable and detailed > audit trails makes a big difference in forensic work, and hopefully this > will allow the FreeBSD Project (and our users) to do that better in the > future. > > Robert N M Watson > Computer Laboratory > University of Cambridge Wonderful! Personally I think this is a very worthy addition to the project and I would like to congratulate and thank everyone involved in this work.