FreeBSD Security Event Auditing

FreeBSD Security Event Auditing
Federico Biancuzzi, 2006-11-10

The upcoming release of FreeBSD 6.2 includes the new Security Event Auditing system, that "permits the selective and fine-grained logging of security-relevant system events for the purposes of post-mortem analysis, intrusion detection, and run-time monitoring analysis." Federico Biancuzzi interviewed Robert Watson, founder of the TrustedBSD project, and discussed the advantages and potentialities it brings.

Re: FreeBSD Security Event Auditing 2006-11-30
Alegr

Windows NT has had security event logging since 3.0 I think. As well as Access Control Lists, as opposed to 9 bit "access mask". It doesn't hurt to know "dark side" a bit, before praising "new great features"....

[ more ]