Re: [Bastille-linux-discuss] psad integrated
This tool locks down Linux and UNIX systems.
Brought to you by:
jay
Menu
▾
▴
Re: [Bastille-linux-discuss] psad integrated
|
From: Jay B. <ja...@ba...> - 2001-11-26 16:10:26
|
In the wise words of Michael Rash: > On Nov 24, 2001, Jay Beale wrote: > > > New release on it's way.... > > > > What should the RPM build process do with the whois-foo/ directory? > > Ramiro Morales built all of the RPMS of psad, so I'm in uncharted territory > here. However, I think there are two areas that will need to be ironed out > with the RPM build process: > > -we need to compile the whois client that comes bundled with psad, so judging > from the way Ramiro's RPMS look we will need to do something like > 'make OPTS="$RPM_OPT_FLAGS" -C whois-4.5.6' > > -we also need to run the following command within the Psad.pm directory: > 'perl Makefile.PL && make && make test && make install'. > > I'm sure Ramiro would have some good input on this one. (I need to go learn > more about RPM). There's a very solid RPM Howto that comes up on a google search. It's brief enough to read cover to cover, while comprehensive enough to leave you in very good shape once you're finished. I've also checked the RPM spec file into CVS, in our packaging directory. It might be useful, though it doesn't really show the build process for a compiled program.... - Jay > > In the wise words of Michael Rash: > > > > > With Jay's permission, I have committed psad into the Bastille CVS > > > repository. Jay, can we have a new -pre release? This is a preliminary > > > integration of psad with Bastille, and so now is the time to find any > > > problems. > > > > > > Known issues: > > > > > > 1. Right now, if the admin chooses to activate psad, ultra chatty protocols > > > such as Netbios and stuff that uses multicast will be dropped and not > > > logged unless these protocols are explicitly accepted. This is probably > > > an ok strategy since the admin has to specify what things should be let > > > through the firewall anyway so we really aren't making the firewall any > > > more or less restrictive... we are just modifying how the firewall will > > > generate log messages. Note: hopefully we will have a better way to > > > deal with this in the near future, but if the current strategy does not > > > work for anyone, please let me know. > > > > > > 2. psad only works with ipchains and iptables right now, so this probably > > > precludes it from working with HPUX. However, if HPUX has a firewall > > > built into the kernel, then it should not be too hard to get psad to run > > > there too (I would be glad to help if anyone is interested in doing > > > this). > > > > > > Feedback of any kind is always much appreciated! > > > > > > --Mike > > > > > > Michael B. Rash > > > http://www.cipherdyne.com > > > Key fingerprint = 8E40 0826 4BBD 9DAF 4563 695C AC21 A428 70C9 B006 > > > > > > _______________________________________________ > > > bastille-linux-discuss mailing list > > > bas...@li... > > > https://lists.sourceforge.net/lists/listinfo/bastille-linux-discuss > > > > -- > > Key: http://www.bastille-linux.org/jay/less-secure-key Fingerprint: > > 1024D/DA510269 2001-06-23 Jay Beale (Not So Secure Key) <ja...@zo...> > > Key fingerprint = 7298 E23D 621D ED80 FB32 9663 8B3F 9A87 DA51 0269 > > > > _______________________________________________ > > bastille-linux-discuss mailing list > > bas...@li... > > https://lists.sourceforge.net/lists/listinfo/bastille-linux-discuss -- Key: http://www.bastille-linux.org/jay/less-secure-key Fingerprint: 1024D/DA510269 2001-06-23 Jay Beale (Not So Secure Key) <ja...@zo...> Key fingerprint = 7298 E23D 621D ED80 FB32 9663 8B3F 9A87 DA51 0269 |