From owner-freebsd-questions@FreeBSD.ORG Sun Apr 24 23:52:38 2005 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 2BE4116A4CE for ; Sun, 24 Apr 2005 23:52:38 +0000 (GMT) Received: from mtiwmhc11.worldnet.att.net (mtiwmhc11.worldnet.att.net [204.127.131.115]) by mx1.FreeBSD.org (Postfix) with ESMTP id 8DB1E43D2F for ; Sun, 24 Apr 2005 23:52:37 +0000 (GMT) (envelope-from jayobrien@att.net) Received: from [192.168.1.6] (dsl093-180-184.sac1.dsl.speakeasy.net[66.93.180.184]) by worldnet.att.net (mtiwmhc11) with ESMTP id <200504242353021110013if6e>; Sun, 24 Apr 2005 23:53:03 +0000 Message-ID: <426C3143.70907@att.net> Date: Sun, 24 Apr 2005 16:52:35 -0700 From: Jay O'Brien User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7.2) Gecko/20040803 X-Accept-Language: en-us, en MIME-Version: 1.0 To: FreeBSD - questions References: <426BB50F.9060104@att.net> <20050424152608.GA64194@falcon.midgard.homeip.net> <426BFCD7.2080705@att.net> <20050424201255.GD25594@tikitechnologies.com> In-Reply-To: <20050424201255.GD25594@tikitechnologies.com> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Subject: Re: Audit tools? X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 24 Apr 2005 23:52:38 -0000 Clifton Royston wrote: > On Sun, Apr 24, 2005 at 01:08:55PM -0700, Jay O'Brien wrote: > >>Erik Trulsson wrote: >> >>>On Sun, Apr 24, 2005 at 08:02:39AM -0700, Jay O'Brien wrote: >>> >>>>What are the tools that I should use to audit an existing >>>>FreeBSD installation? Without changing anything, I wish >>>>to quickly determine what is installed, i.e., the basic >>>>system, ports and packages, and then to compare what is >>>>installed to the currently available versions. >>> >>>For ports/packages you can use pkg_info(1) to see what is installed, >>>and pkg_version(1) to compare what is installed to what is in the ports >>>tree. >>> >>>For the base system there is no corresponding way to see what is >>>installed or not. 'uname -a' will show which version of FreeBSD is >>>installed, but after that you will have to check manually to see if all >>>components are installed or not. >> >>Erik, >>Thanks; I was hoping that there were some additional tools that >>I hadn't found so far. At least you have confirmed that I'm >>following a reasonable procedure. >>Jay > > > You can check out the portupdate package, but of course if it's not > already installed, it doesn't meet your criteria of "without changing > anything." > > BTW, the above discussion is assuming you mean audit in the "taking > an inventory" sense. If you're talking about audit in the security > sense, the above doesn't do it, and you need to look at tools like > mtree (should be there as built-in), Tripwire (extra package), etc. > > -- Clifton > Clifton, You are right, I wasn't specific enough. By audit, I mean "taking an inventory", not looking for security holes. Thanks for your input! Jay