From owner-freebsd-security Sun Sep 19 12:14:24 1999 Delivered-To: freebsd-security@freebsd.org Received: from ns.mt.sri.com (ns.mt.sri.com [206.127.79.91]) by hub.freebsd.org (Postfix) with ESMTP id EDEFC158CD for ; Sun, 19 Sep 1999 12:14:14 -0700 (PDT) (envelope-from nate@mt.sri.com) Received: from mt.sri.com (rocky.mt.sri.com [206.127.76.100]) by ns.mt.sri.com (8.9.3/8.9.3) with SMTP id NAA15999; Sun, 19 Sep 1999 13:13:28 -0600 (MDT) (envelope-from nate@rocky.mt.sri.com) Received: by mt.sri.com (SMI-8.6/SMI-SVR4) id NAA25668; Sun, 19 Sep 1999 13:13:23 -0600 Date: Sun, 19 Sep 1999 13:13:23 -0600 Message-Id: <199909191913.NAA25668@mt.sri.com> From: Nate Williams MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit To: "Jordan K. Hubbard" Cc: "Rodney W. Grimes" , imp@village.org (Warner Losh), wes@softweyr.com (Wes Peters), brett@lariat.org (Brett Glass), security@FreeBSD.ORG Subject: Re: BPF on in 3.3-RC GENERIC kernel In-Reply-To: <2091.937636119@localhost> References: <199909180624.XAA50611@gndrsh.dnsmgr.net> <2091.937636119@localhost> X-Mailer: VM 6.34 under 19.16 "Lille" XEmacs Lucid Reply-To: nate@mt.sri.com (Nate Williams) Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org > I'm surprised nobody has brought up /dev/audit and the whole Digital > Unix approach to security (OS-level event monitoring and active > counter-measures). There is work in progress by both Robert Watson and myself for a project at work to do this. I attempted to work with Robert, but due to my own scheduling conflicts and his vacation this summer in Europe, it was difficult to get organized, so I'm off doing my own thing, and he is as well. I hope to have some early snapshots available around the first of the year of /dev/audit functionality for FreeBSD. Nate To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message