Date: Thu, 24 May 2012 09:49:48 +0200 From: Willem Jan Withagen <wjw@digiware.nl> To: FreeBSD Current <freebsd-current@freebsd.org> Subject: Daily, weekly, security scripts.... Message-ID: <4FBDE81C.9010909@digiware.nl>
next in thread | raw e-mail | index | archive | help
[I looked for a better list to drop this on, but other that freebsd-rc nothing seems close.] Hi, I nagged about the verbosity of the periodic scripts. But did not give any example. Well I just ran into a perfect example: -- Checking setuid files and devices: Checking for uids of 0: root 0 Checking for passwordless accounts: Checking login.conf permissions: Checking for ports with mismatched checksums: xx.xx.nl kernel log messages: +++ /tmp/security.X5WEmRe8 2012-05-24 03:38:58.028927236 +0200 xx.xx.nl login failures: xx.xx.nl refused connections: Checking for a current audit database: Database created: Wed May 23 03:45:00 CEST 2012 Checking for packages with security vulnerabilities: 0 problem(s) in your installed packages found. -- End of security output -- Which does not really report anything other than the system is healthy. Now because of the sheer volume (with about 20+ servers to maintain) this goes into a seperate bin, which I only check on less busy times. Whereas it would go into my active mailbox when I only get allerts on which I really need to handle. This would call for something like $periodic_quiet?? and then generating the headers only if there was something to report. I'd do it myself if only the day had 36 hours... --WjW
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4FBDE81C.9010909>