aboutsummaryrefslogtreecommitdiffstats
path: root/security
diff options
context:
space:
mode:
authorjadawin <jadawin@FreeBSD.org>2008-09-29 22:00:04 +0800
committerjadawin <jadawin@FreeBSD.org>2008-09-29 22:00:04 +0800
commit41add931e020ff085cfd1868e3e8247cea6ca7d5 (patch)
tree9f10f9ef56dd41b6efded37d8ad63ae010937f7f /security
parent10da5798617b9865585f56c71e6dd0c6c36f7f4f (diff)
downloadfreebsd-ports-gnome-41add931e020ff085cfd1868e3e8247cea6ca7d5.tar.gz
freebsd-ports-gnome-41add931e020ff085cfd1868e3e8247cea6ca7d5.tar.zst
freebsd-ports-gnome-41add931e020ff085cfd1868e3e8247cea6ca7d5.zip
- Update to 1.6
PR: ports/127708 Submitted by: valerio.daelli _AT_ gmail _DOT_ com (maintainer)
Diffstat (limited to 'security')
-rw-r--r--security/ossec-hids-server/Makefile2
-rw-r--r--security/ossec-hids-server/distinfo6
-rw-r--r--security/ossec-hids-server/files/patch-InstallServer.sh16
-rw-r--r--security/ossec-hids-server/files/patch-attack_rules.xml16
-rw-r--r--security/ossec-hids-server/files/patch-mcafee_av_rules.xml18
-rw-r--r--security/ossec-hids-server/files/patch-symantec-av_rules.xml17
-rw-r--r--security/ossec-hids-server/files/pkg-message.in2
-rw-r--r--security/ossec-hids-server/pkg-plist12
8 files changed, 81 insertions, 8 deletions
diff --git a/security/ossec-hids-server/Makefile b/security/ossec-hids-server/Makefile
index 8dfe96dfd453..ac4aaa6cfde2 100644
--- a/security/ossec-hids-server/Makefile
+++ b/security/ossec-hids-server/Makefile
@@ -6,7 +6,7 @@
#
PORTNAME= ossec-hids
-PORTVERSION= 1.4
+PORTVERSION= 1.6
PORTREVISION?= 0
CATEGORIES= security
MASTER_SITES= http://www.ossec.net/files/ \
diff --git a/security/ossec-hids-server/distinfo b/security/ossec-hids-server/distinfo
index 213d8658f0a1..9b10c7911fd0 100644
--- a/security/ossec-hids-server/distinfo
+++ b/security/ossec-hids-server/distinfo
@@ -1,3 +1,3 @@
-MD5 (ossec-hids-1.4.tar.gz) = f877f7afc225ba835bf697c026c77aa9
-SHA256 (ossec-hids-1.4.tar.gz) = 0dd7650a4c74ae2b9beec47660fd7c573eb35005e5cab6e62c640ba44930ff7f
-SIZE (ossec-hids-1.4.tar.gz) = 598579
+MD5 (ossec-hids-1.6.tar.gz) = 2ed9ef649d44ad416047a4c28eaad13c
+SHA256 (ossec-hids-1.6.tar.gz) = 07dc21b1d1b581c29c16ba0bdca525fabac775aa7f2be139708c5427261e0687
+SIZE (ossec-hids-1.6.tar.gz) = 666622
diff --git a/security/ossec-hids-server/files/patch-InstallServer.sh b/security/ossec-hids-server/files/patch-InstallServer.sh
index f1f96cda5eb5..009fa93ac8af 100644
--- a/security/ossec-hids-server/files/patch-InstallServer.sh
+++ b/security/ossec-hids-server/files/patch-InstallServer.sh
@@ -1,7 +1,15 @@
-diff -ruN src/InstallServer.sh.orig src/InstallServer.sh
---- src/InstallServer.sh.orig Sun Jan 7 23:38:16 2007
-+++ src/InstallServer.sh Thu Apr 5 15:58:08 2007
-@@ -255,12 +255,12 @@
+--- src/InstallServer.sh 2008-08-22 20:42:09.000000000 +0000
++++ src/InstallServer.sh 2008-09-28 22:10:45.000000000 +0000
+@@ -174,7 +174,7 @@
+ fi
+ fi
+
+-cp -pr ../etc/rules/* ${DIR}/rules/
++cp -pr ../etc/rules/*.xml ${DIR}/rules/
+
+ # If the local_rules is saved, moved it back
+ ls ${DIR}/rules/saved_local_rules.xml.$$ > /dev/null 2>&1
+@@ -284,12 +284,12 @@
ls ../etc/ossec.mc > /dev/null 2>&1
if [ $? = 0 ]; then
diff --git a/security/ossec-hids-server/files/patch-attack_rules.xml b/security/ossec-hids-server/files/patch-attack_rules.xml
new file mode 100644
index 000000000000..04f0fc2c846f
--- /dev/null
+++ b/security/ossec-hids-server/files/patch-attack_rules.xml
@@ -0,0 +1,16 @@
+--- etc/rules/attack_rules.xml 2008-08-29 17:15:08.000000000 +0000
++++ attack_rules.xml 2008-09-28 21:39:52.000000000 +0000
+@@ -85,11 +85,13 @@
+ <description>by a success.</description>
+ </rule>
+
++<!--
+ <rule id="40113" level="12" frequency="6" timeframe="360">
+ <if_matched_group>virus</if_matched_group>
+ <description>Multiple viruses detected - Possible outbreak.</description>
+ <group>virus,</group>
+ </rule>
++-->
+
+ </group> <!-- SYSLOG, ATTACKS, -->
+
diff --git a/security/ossec-hids-server/files/patch-mcafee_av_rules.xml b/security/ossec-hids-server/files/patch-mcafee_av_rules.xml
new file mode 100644
index 000000000000..9e2c95dc7784
--- /dev/null
+++ b/security/ossec-hids-server/files/patch-mcafee_av_rules.xml
@@ -0,0 +1,18 @@
+--- etc/rules/mcafee_av_rules.xml 2008-08-28 15:56:00.000000000 +0000
++++ mcafee_av_rules.xml 2008-09-28 21:39:52.000000000 +0000
+@@ -42,6 +42,7 @@
+ <description>McAfee Windows AV error event.</description>
+ </rule>
+
++<!--
+ <rule id="7504" level="12">
+ <if_sid>7500</if_sid>
+ <regex>$MCAFEE_VIRUS</regex>
+@@ -62,6 +63,7 @@
+ <group>virus</group>
+ <description>McAfee Windows AV - Virus detected and file will be deleted.</description>
+ </rule>
++-->
+
+ <rule id="7507" level="3">
+ <if_sid>7500</if_sid>
diff --git a/security/ossec-hids-server/files/patch-symantec-av_rules.xml b/security/ossec-hids-server/files/patch-symantec-av_rules.xml
new file mode 100644
index 000000000000..20cc6a69535b
--- /dev/null
+++ b/security/ossec-hids-server/files/patch-symantec-av_rules.xml
@@ -0,0 +1,17 @@
+--- etc/rules/symantec-av_rules.xml 2008-06-17 17:03:56.000000000 +0000
++++ symantec-av_rules.xml 2008-09-28 21:39:52.000000000 +0000
+@@ -31,12 +31,14 @@
+ <description>Grouping of Symantec AV rules from eventlog.</description>
+ </rule>
+
++<!--
+ <rule id="7310" level="9">
+ <if_sid>7300, 7301</if_sid>
+ <id>^5$|^17$</id>
+ <group>virus</group>
+ <description>Virus detected.</description>
+ </rule>
++-->
+
+ <rule id="7320" level="3">
+ <if_sid>7300, 7301</if_sid>
diff --git a/security/ossec-hids-server/files/pkg-message.in b/security/ossec-hids-server/files/pkg-message.in
index d4be60736e68..7b6a0e4131d9 100644
--- a/security/ossec-hids-server/files/pkg-message.in
+++ b/security/ossec-hids-server/files/pkg-message.in
@@ -16,3 +16,5 @@ http://www.ossec.net/wiki/index.php/Know_How:DatabaseOutput
When you deinstall this port after starting the daemons once, many directories that are
created by the daemons will remain. To fully remove the port you need to delete those
directories manually.
+To further enhance the security on your system, you may also enable some checks
+in PAM for a fast reaction against intrusions.
diff --git a/security/ossec-hids-server/pkg-plist b/security/ossec-hids-server/pkg-plist
index 6b9397bfd7d9..f471f0747524 100644
--- a/security/ossec-hids-server/pkg-plist
+++ b/security/ossec-hids-server/pkg-plist
@@ -19,6 +19,10 @@
%%PORTNAME%%/bin/ossec-remoted
%%PORTNAME%%/bin/ossec-syscheckd
%%PORTNAME%%/bin/syscheck_update
+%%PORTNAME%%/bin/ossec-csyslogd
+%%PORTNAME%%/bin/agent_control
+%%PORTNAME%%/bin/syscheck_control
+%%PORTNAME%%/bin/rootcheck_control
%%PORTNAME%%/etc/decoder.xml
%%PORTNAME%%/etc/internal_options.conf
@unexec if cmp -s %D/%%PORTNAME%%/etc/ossec.conf %D/%%PORTNAME%%/etc/ossec.conf.sample; then rm -f %D/%%PORTNAME%%/etc/ossec.conf; fi
@@ -29,6 +33,9 @@
%%PORTNAME%%/etc/shared/win_applications_rcl.txt
%%PORTNAME%%/etc/shared/win_audit_rcl.txt
%%PORTNAME%%/etc/shared/win_malware_rcl.txt
+%%PORTNAME%%/etc/shared/cis_debian_linux_rcl.txt
+%%PORTNAME%%/etc/shared/cis_rhel_linux_rcl.txt
+%%PORTNAME%%/etc/shared/cis_rhel5_linux_rcl.txt
%%PORTNAME%%/logs/ossec.log
%%PORTNAME%%/rules/apache_rules.xml
%%PORTNAME%%/rules/arpwatch_rules.xml
@@ -73,6 +80,11 @@
%%PORTNAME%%/rules/vsftpd_rules.xml
%%PORTNAME%%/rules/web_rules.xml
%%PORTNAME%%/rules/zeus_rules.xml
+%%PORTNAME%%/rules/vmware_rules.xml
+%%PORTNAME%%/rules/vmpop3d_rules.xml
+%%PORTNAME%%/rules/solaris_bsm_rules.xml
+%%PORTNAME%%/rules/mcafee_av_rules.xml
+%%PORTNAME%%/rules/asterisk_rules.xml
@dirrmtry %%PORTNAME%%/var/run
@dirrmtry %%PORTNAME%%/var
@dirrmtry %%PORTNAME%%/tmp