From owner-freebsd-questions@FreeBSD.ORG Sun Apr 24 20:12:56 2005 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 92ADB16A4CE for ; Sun, 24 Apr 2005 20:12:56 +0000 (GMT) Received: from malasada.lava.net (malasada.lava.net [64.65.64.17]) by mx1.FreeBSD.org (Postfix) with ESMTP id 54B5A43D2F for ; Sun, 24 Apr 2005 20:12:56 +0000 (GMT) (envelope-from cliftonr@lava.net) Received: by malasada.lava.net (Postfix, from userid 102) id A4026153886; Sun, 24 Apr 2005 10:12:55 -1000 (HST) Date: Sun, 24 Apr 2005 10:12:55 -1000 From: Clifton Royston To: Jay O'Brien Message-ID: <20050424201255.GD25594@tikitechnologies.com> References: <426BB50F.9060104@att.net> <20050424152608.GA64194@falcon.midgard.homeip.net> <426BFCD7.2080705@att.net> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <426BFCD7.2080705@att.net> User-Agent: Mutt/1.4.2i cc: FreeBSD - questions Subject: Re: Audit tools? X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 24 Apr 2005 20:12:56 -0000 On Sun, Apr 24, 2005 at 01:08:55PM -0700, Jay O'Brien wrote: > Erik Trulsson wrote: > > On Sun, Apr 24, 2005 at 08:02:39AM -0700, Jay O'Brien wrote: > >>What are the tools that I should use to audit an existing > >>FreeBSD installation? Without changing anything, I wish > >>to quickly determine what is installed, i.e., the basic > >>system, ports and packages, and then to compare what is > >>installed to the currently available versions. > > > > For ports/packages you can use pkg_info(1) to see what is installed, > > and pkg_version(1) to compare what is installed to what is in the ports > > tree. > > > > For the base system there is no corresponding way to see what is > > installed or not. 'uname -a' will show which version of FreeBSD is > > installed, but after that you will have to check manually to see if all > > components are installed or not. > Erik, > Thanks; I was hoping that there were some additional tools that > I hadn't found so far. At least you have confirmed that I'm > following a reasonable procedure. > Jay You can check out the portupdate package, but of course if it's not already installed, it doesn't meet your criteria of "without changing anything." BTW, the above discussion is assuming you mean audit in the "taking an inventory" sense. If you're talking about audit in the security sense, the above doesn't do it, and you need to look at tools like mtree (should be there as built-in), Tripwire (extra package), etc. -- Clifton -- Clifton Royston -- cliftonr@tikitechnologies.com Tiki Technologies Lead Programmer/Software Architect "I'm gonna tell my son to grow up pretty as the grass is green And whip-smart as the English Channel's wide..." -- 'Whip-Smart', Liz Phair