From owner-freebsd-current@FreeBSD.ORG Wed May 7 17:56:53 2008 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id C56C8106564A for ; Wed, 7 May 2008 17:56:53 +0000 (UTC) (envelope-from hugo@barafranca.com) Received: from mail.barafranca.com (mail.barafranca.com [67.213.67.47]) by mx1.freebsd.org (Postfix) with ESMTP id A2EAD8FC15 for ; Wed, 7 May 2008 17:56:53 +0000 (UTC) (envelope-from hugo@barafranca.com) Received: from localhost (unknown [172.16.100.24]) by mail.barafranca.com (Postfix) with ESMTP id C50E3CAF; Wed, 7 May 2008 17:42:42 +0000 (UTC) X-Virus-Scanned: amavisd-new at barafranca.com Received: from mail.barafranca.com ([172.16.100.24]) by localhost (mail.barafranca.com [172.16.100.24]) (amavisd-new, port 10024) with ESMTP id wT3FNGG8IqvP; Wed, 7 May 2008 17:42:04 +0000 (UTC) Received: from [192.168.200.26] (a213-22-25-165.cpe.netcabo.pt [213.22.25.165]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mail.barafranca.com (Postfix) with ESMTPSA id 66D3FCA5; Wed, 7 May 2008 17:42:03 +0000 (UTC) Message-ID: <4821DBDE.5010600@barafranca.com> Date: Wed, 07 May 2008 18:42:06 +0200 From: Hugo Silva User-Agent: Thunderbird 2.0.0.9 (X11/20071213) MIME-Version: 1.0 To: Jonathan Bond-Caron References: <000601c8b044$a4616490$ed242db0$@com> In-Reply-To: <000601c8b044$a4616490$ed242db0$@com> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Cc: freebsd-current@freebsd.org Subject: Re: Freebsd auditing in 7.0? X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 07 May 2008 17:56:53 -0000 Jonathan Bond-Caron wrote: > Hi everyone, > > > > I recently read this paper: > http://www.trustedbsd.org/20060303-ukuug2006lisa-audit.pdf > > I'm wondering if there are any new features in 7.0 for auditing freebsd and > if audit is included in the base? > > > > I've been using syslog-ng on 6.2 for some time but audit looks more rigorous > to track system events & changes. Are there auditing options in 7.0 that > allow sending logs to a central server over SSL? Or any recommendations > other then syslog-ng? > > > > The goal is track more system events & centralize the log files at a central > server. > > _______________________________________________ > freebsd-current@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-current > To unsubscribe, send any mail to "freebsd-current-unsubscribe@freebsd.org" > man 4 audit