Date: Fri, 27 Sep 2002 12:23:29 GMT
From: klm <klm@ruby.ir.exodus.net>
To: FreeBSD-gnats-submit@FreeBSD.org
Subject: ports/43425: New port: security/ftimes - A system baselining and evidence collection tool
Message-ID: <200209271223.g8RCNTP5076700@ruby.ir.exodus.net>

>Number: 43425
>Category: ports
>Synopsis: New port: security/ftimes - A system baselining and evidence collection tool
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: freebsd-ports
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: change-request
>Submitter-Id: current-users
>Arrival-Date: Fri Sep 27 09:20:04 PDT 2002
>Closed-Date:
>Last-Modified:
>Originator: klm
>Release: FreeBSD 4.6.1-RELEASE-p10 i386
>Organization:
>Environment:
System: FreeBSD ruby.ir.exodus.net 4.6.1-RELEASE-p10 FreeBSD 4.6.1-RELEASE-p10 #0: Tue Aug 6 15:24:22 EDT 2002 root@nerve.mud:/usr/obj/usr/src/sys/GENERIC i386
>Description:
FTimes is a system baselining and evidence collection tool. Its
primary purpose is to gather and/or develop information about
specified directories and files in a manner conducive to intrusion
analysis. It was designed to support the following initiatives:
content integrity monitoring, incident response, intrusion analysis,
and computer forensics.
>How-To-Repeat:
>Fix:

# This is a shell archive. Save it in a file, remove anything before
# this line, and then unpack it by entering "sh file". Note, it may
# create directories; files and directories will be owned by you and
# have default permissions.
#
# This archive contains:
#
#	ftimes
#	ftimes/pkg-comment
#	ftimes/pkg-plist
#	ftimes/Makefile
#	ftimes/pkg-descr
#	ftimes/distinfo
#	ftimes/pkg-message
#
echo c - ftimes
mkdir -p ftimes > /dev/null 2>&1
echo x - ftimes/pkg-comment
sed 's/^X//' >ftimes/pkg-comment << 'END-of-ftimes/pkg-comment'
XA system baselining and evidence collection tool
END-of-ftimes/pkg-comment
echo x - ftimes/pkg-plist
sed 's/^X//' >ftimes/pkg-plist << 'END-of-ftimes/pkg-plist'
Xbin/ftimes
Xcgi/nph-ftimes.cgi
Xdoc/ftimes.html
Xetc/dig.cfg.sample
Xetc/get.cfg.sample
Xetc/map.cfg.sample
Xetc/put.cfg.sample
X@unexec rmdir %D/bin 2> /dev/null || true
X@unexec rmdir %D/cgi 2> /dev/null || true
X@unexec rmdir %D/doc 2> /dev/null || true
X@unexec rmdir %D/etc 2> /dev/null || true
X@unexec rmdir %D/man/man1 2> /dev/null || true
X@unexec rmdir %D/man 2> /dev/null || true
X@unexec rmdir %D 2> /dev/null || true
END-of-ftimes/pkg-plist
echo x - ftimes/Makefile
sed 's/^X//' >ftimes/Makefile << 'END-of-ftimes/Makefile'
X# New ports collection makefile for: ftimes
X# Date created: 20 August 2002
X# Whom: Klayton Monroe <klm@ir.exodus.net>
X#
X# $FreeBSD$
X#
X
XPORTNAME=	ftimes
XPORTVERSION=	3.1.0
XCATEGORIES=	security sysutils
XMASTER_SITES=	${MASTER_SITE_SOURCEFORGE}
XMASTER_SITE_SUBDIR=	ftimes
XEXTRACT_SUFX=	.tgz
X
XMAINTAINER=	klm@ir.exodus.net
X
XMAN1=	ftimes.1
X
XPREFIX=	${LOCALBASE}/integrity
X
XGNU_CONFIGURE=	YES
X
XNO_MTREE=	YES
X
X.if defined(WITHOUT_SSL)
XCONFIGURE_ARGS=	--without-ssl
X.else
XUSE_OPENSSL=	YES
XCONFIGURE_ARGS=	--with-ssl=${OPENSSLBASE}
X.endif
X
Xpre-build:
X	@${MV} ${WRKSRC}/etc/dig.cfg ${WRKSRC}/etc/dig.cfg.sample
X	@${MV} ${WRKSRC}/etc/get.cfg ${WRKSRC}/etc/get.cfg.sample
X	@${MV} ${WRKSRC}/etc/map.cfg ${WRKSRC}/etc/map.cfg.sample
X	@${MV} ${WRKSRC}/etc/put.cfg ${WRKSRC}/etc/put.cfg.sample
X	@${MV} ${WRKSRC}/etc/Makefile ${WRKSRC}/etc/Makefile.orig
X	@${SED} 's/\(\.cfg\)/\1.sample/g' ${WRKSRC}/etc/Makefile.orig > ${WRKSRC}/etc/Makefile
X
Xpost-install:
X	@strip ${PREFIX}/bin/ftimes
X	@${CAT} ${PKGMESSAGE}
X
X.include <bsd.port.mk>
END-of-ftimes/Makefile
echo x - ftimes/pkg-descr
sed 's/^X//' >ftimes/pkg-descr << 'END-of-ftimes/pkg-descr'
XFTimes is a system baselining and evidence collection tool. Its
Xprimary purpose is to gather and/or develop information about
Xspecified directories and files in a manner conducive to intrusion
Xanalysis. It was designed to support the following initiatives:
Xcontent integrity monitoring, incident response, intrusion analysis,
Xand computer forensics.
X
XWWW: http://ftimes.sourceforge.net/FTimes/
END-of-ftimes/pkg-descr
echo x - ftimes/distinfo
sed 's/^X//' >ftimes/distinfo << 'END-of-ftimes/distinfo'
XMD5 (ftimes-3.1.0.tgz) = 4a80aedddd6c0ec01f0597a00332e17d
END-of-ftimes/distinfo
echo x - ftimes/pkg-message
sed 's/^X//' >ftimes/pkg-message << 'END-of-ftimes/pkg-message'
X
X----------------------------------------------------------------------
X
X If necessary, check the value of ${PREFIX} and update your PATH
X and MANPATH environment variables accordingly. By default, FTimes
X is rooted in the following location: /usr/local/integrity.
X
X For information on how to configure an Apache Web server to handle
X FTimes requests and verify client-server connectivity, refer to
X the INSTALL document located in the project's source tree.
X
X "System Baselining -- A Forensic Perspective" provides additional
X background information for those interested in the subject. This
X paper, written in LaTeX, is called baselining.tex and is located
X in the project's source tree. A PDF version of the same is
X available at: http://ftimes.sourceforge.net/FTimes/Papers.shtml
X
X Sample configuration files can be found in ${PREFIX}/etc.
X
X----------------------------------------------------------------------
X
END-of-ftimes/pkg-message
exit

>Release-Note:
>Audit-Trail:
>Unformatted:

To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ports" in the body of the message