Audit tools?
Jay O'Brien
jayobrien at att.net
Sun Apr 24 16:52:38 PDT 2005
Clifton Royston wrote:
> On Sun, Apr 24, 2005 at 01:08:55PM -0700, Jay O'Brien wrote:
>
>>Erik Trulsson wrote:
>>
>>>On Sun, Apr 24, 2005 at 08:02:39AM -0700, Jay O'Brien wrote:
>>>
>>>>What are the tools that I should use to audit an existing
>>>>FreeBSD installation? Without changing anything, I wish
>>>>to quickly determine what is installed, i.e., the basic
>>>>system, ports and packages, and then to compare what is
>>>>installed to the currently available versions.
>>>
>>>For ports/packages you can use pkg_info(1) to see what is installed,
>>>and pkg_version(1) to compare what is installed to what is in the ports
>>>tree.
>>>
>>>For the base system there is no corresponding way to see what is
>>>installed or not. 'uname -a' will show which version of FreeBSD is
>>>installed, but after that you will have to check manually to see if all
>>>components are installed or not.
>>
>>Erik,
>>Thanks; I was hoping that there were some additional tools that
>>I hadn't found so far. At least you have confirmed that I'm
>>following a reasonable procedure.
>>Jay
>
>
> You can check out the portupdate package, but of course if it's not
> already installed, it doesn't meet your criteria of "without changing
> anything."
>
> BTW, the above discussion is assuming you mean audit in the "taking
> an inventory" sense. If you're talking about audit in the security
> sense, the above doesn't do it, and you need to look at tools like
> mtree (should be there as built-in), Tripwire (extra package), etc.
>
> -- Clifton
>
Clifton,
You are right, I wasn't specific enough. By audit, I mean "taking an
inventory", not looking for security holes.
Thanks for your input!
Jay
More information about the freebsd-questions
mailing list