Date: Sat, 25 Jun 2016 16:55:45 +0200 From: Steffen Nurpmeso <steffen@sdaoden.eu> To: Glen Barber <gjb@FreeBSD.org> Cc: freebsd-current@freebsd.org Subject: Re: svn commit: r302185 - head/release/doc/en_US.ISO8859-1/relnotes Message-ID: <20160625145545.-s35vVVMV%steffen@sdaoden.eu> In-Reply-To: <20160625132153.GP19747@FreeBSD.org> References: <201606242342.u5ONgXTu041633@repo.freebsd.org> <20160625130211.om_RIztzB%steffen@sdaoden.eu> <20160625132153.GP19747@FreeBSD.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Glen Barber <gjb@FreeBSD.org> wrote: |On Sat, Jun 25, 2016 at 03:02:11PM +0200, Steffen Nurpmeso wrote: |>| A selection of system daemons, including: |>| <application>fingerd</application>, |>| <application>ftpd</application>, |>|- <application>rlogind</application>, |>|- <application>rshd</application>, and |>|- <application>sshd</application> have been modified to support |>|+ <application>rlogind</application>, and |>|+ <application>rshd</application> have been modified to support |>| sending notifications to the <application>blacklistd</application> |>| daemon.</para> |>=20 |> Allow me to continue hoping nonetheless. |> In this great future, you can't forget your past. | |I hope the issues can be resolved before 11.0-RELEASE. I personally |look forward to this change, but the revert was necessary. It is very likely that you and D.E. Sm=C3=B8rgrav are right, and then 11.0 is to be expected for September. In fact i was only looking at this from a very narrow user perspective and, in addition, never liked that log files have to be parsed to recollect states that were known by the generating daemon. It can only be that commercial software does this better, more integrated, but i don't know. So once the blacklistd idea came up, which was, if i recall correctly, shortly after DragonFly BSD introduced their own logfile analyzer, didn't they?, i was kind of thrilled, because isn't that the first time that the right thing is done to face that problem? In my opinion it would be great if all servers that listen to the outside world would gain the necessary hooks for "bad command", "bad login", "good login", possibly more. This would create an integrated, synchronous mesh of firewall and servers, so talking about clowds.., i am looking forward to this. If rules would become more sophisticated, e.g., "user IP tried to post messages with more than X KB the Y time", and that could be taken into account. And then it also requires less CPU time and thus energy, then having a logfile analyzer running in addition. Thank you. Have a nice weekend. --steffen
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20160625145545.-s35vVVMV%steffen>