Skip site navigation (1)Skip section navigation (2)
Date:      Thu, 24 May 2012 09:49:48 +0200
From:      Willem Jan Withagen <wjw@digiware.nl>
To:        FreeBSD Current <freebsd-current@freebsd.org>
Subject:   Daily, weekly, security scripts....
Message-ID:  <4FBDE81C.9010909@digiware.nl>

next in thread | raw e-mail | index | archive | help
[I looked for a better list to drop this on, but other that freebsd-rc
nothing seems close.]

Hi,

I nagged about the verbosity of the periodic scripts.
But did not give any example.

Well I just ran into a perfect example:
--
Checking setuid files and devices:

Checking for uids of 0:
root 0

Checking for passwordless accounts:

Checking login.conf permissions:

Checking for ports with mismatched checksums:

xx.xx.nl kernel log messages:
+++ /tmp/security.X5WEmRe8	2012-05-24 03:38:58.028927236 +0200

xx.xx.nl login failures:

xx.xx.nl refused connections:

Checking for a current audit database:

Database created: Wed May 23 03:45:00 CEST 2012

Checking for packages with security vulnerabilities:

0 problem(s) in your installed packages found.

-- End of security output --

Which does not really report anything other than the system is healthy.

Now because of the sheer volume (with about 20+ servers to maintain)
this goes into a seperate bin, which I only check on less busy times.

Whereas it would go into my active mailbox when I only get allerts on
which I really need to handle.

This would call for something like $periodic_quiet??
and then generating the headers only if there was something to report.

I'd do it myself if only the day had 36 hours...

--WjW



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4FBDE81C.9010909>