Exactly, /usr/ports/ports-mgmt/portaudit and /usr/ports/ports-mgmt/portaudit-db. You can also add: daily_status_security_chkportsum_enable="YES" to your /etc/periodic.conf to verify the checksums of the installed files. Alex.
----- Message from [email protected] --------- Date: Fri, 15 Apr 2011 08:49:49 -0700 From: Mike Bowie <[email protected]> Subject: Re: [Soekris] self auditing netbsd email script To: Philip <[email protected]> Cc: [email protected] > On 4/15/11 8:43 AM, Philip wrote: >> I have put this little script in an audit.sh file, and then set a >> crontab to run the file every 24 hrs. >> the contents of the script is >> >> #!/bin/sh >> /usr/pkg/sbin/download-vulnerability-list >> /usr/pkg/sbin/audit-packages> /root/auditpackages.txt >> if [ -s /root/auditpackages.txt ]; then (echo "Subject: Audit >> Packages Output";cat /root/auditpackages.txt)|/usr/sbin/sendmail -r >> hostname [email protected] >> fi >> >> it relies on the fact that if there are no vulnerabilities then the >> output of audit-packages is nothing, so it only sends an email if >> there is a problem. >> >> Anyone know how to do a similar thing with freebsd ? >> >> regards, Philip > > As I recall, all you need to do is install portaudit from ports... > FreeBSD will then include any vulnerable and installed ports in the > daily security output. > > HTH, > > Mike. > _______________________________________________ > Soekris-tech mailing list > [email protected] > http://lists.soekris.com/mailman/listinfo/soekris-tech > ----- End message from [email protected] ----- ======================================================================== # _ __ _ __ http://www.nagilum.org/ \n icq://69646724 # # / |/ /__ ____ _(_) /_ ____ _ [email protected] \n +491776461165 # # / / _ `/ _ `/ / / // / ' \ Amiga (68k/PPC): AOS/NetBSD/Linux # # /_/|_/\_,_/\_, /_/_/\_,_/_/_/_/ Mac (PPC): MacOS-X / Linux / MacOS-X # # /___/ x86: FreeBSD/Linux/Solaris/Win2k ARM9: EPOC EV6 # ======================================================================== ---------------------------------------------------------------- cakebox.homeunix.net - all the machine one needs.. _______________________________________________ Soekris-tech mailing list [email protected] http://lists.soekris.com/mailman/listinfo/soekris-tech
