Gentoo Logo
Gentoo Spaceship




Note: Due to technical difficulties, the Archives are currently not up to date. GMANE provides an alternative service for most mailing lists.
c.f. bug 424647
List Archive: gentoo-doc-cvs
Navigation:
Lists: gentoo-doc-cvs: < Prev By Thread Next > < Prev By Date Next >
Headers:
To: gentoo-doc-cvs@g.o
From: "Joshua Saddler (nightmorph)" <nightmorph@g.o>
Subject: gentoo commit in xml/htdocs/doc/en/security: security-handbook.xml shb-logging.xml
Date: Fri, 02 Apr 2010 07:34:39 +0000
nightmorph    10/04/02 07:34:39

  Modified:             security-handbook.xml shb-logging.xml
  Log:
  get the security handbook more up-to-date with working syslog-ng configs

Revision  Changes    Path
1.4                  xml/htdocs/doc/en/security/security-handbook.xml

file : http://sources.gentoo.org/viewcvs.py/gentoo/xml/htdocs/doc/en/security/security-handbook.xml?rev=1.4&view=markup
plain: http://sources.gentoo.org/viewcvs.py/gentoo/xml/htdocs/doc/en/security/security-handbook.xml?rev=1.4&content-type=text/plain
diff : http://sources.gentoo.org/viewcvs.py/gentoo/xml/htdocs/doc/en/security/security-handbook.xml?r1=1.3&r2=1.4

Index: security-handbook.xml
===================================================================
RCS file: /var/cvsroot/gentoo/xml/htdocs/doc/en/security/security-handbook.xml,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -r1.3 -r1.4
--- security-handbook.xml	29 Nov 2006 15:21:33 -0000	1.3
+++ security-handbook.xml	2 Apr 2010 07:34:39 -0000	1.4
@@ -1,8 +1,8 @@
 <?xml version='1.0' encoding='UTF-8'?>
-<!-- $Header: /var/cvsroot/gentoo/xml/htdocs/doc/en/security/security-handbook.xml,v 1.3 2006/11/29 15:21:33 nightmorph Exp $ -->
+<!-- $Header: /var/cvsroot/gentoo/xml/htdocs/doc/en/security/security-handbook.xml,v 1.4 2010/04/02 07:34:39 nightmorph Exp $ -->
 <!DOCTYPE book SYSTEM "/dtd/book.dtd">
 
-<book link="/doc/en/security/security-handbook.xml">
+<book>
 <title>Gentoo Security Handbook</title>
 
 <author title="Author">
@@ -38,6 +38,9 @@
 <author title="Editor">
   <mail link="krispykringle@g.o">Dan Margolis</mail>
 </author>
+<author title="Editor">
+  <mail link="nightmorph"/>
+</author>
 
 <abstract>
 This is a step-by-step guide for hardening Gentoo Linux.
@@ -45,8 +48,8 @@
 
 <license/>
 
-<version>1.0</version>
-<date>2005-05-31</date>
+<version>1.1</version>
+<date>2010-04-02</date>
 
 <!--
 <section>
@@ -54,18 +57,17 @@
 <body>
 
 <p>
-In version 0.6 (Backup)
+(Backup)
 </p>
 <ul>
 <li>Arpwatch</li>
-<li>Full system backup using Systemimager</li>
 <li>Partial backup using tar</li>
 <li>Backing up postgres</li>
 </ul>
 
 
 <p>
-In version 0.8 (Penetration testing)
+(Penetration testing)
 </p>
 <ul>
 <li>Remote audits</li>
@@ -75,7 +77,7 @@
 </ul>
 
 <p>
-In version 1.0 (After a compromise)
+(After a compromise)
 </p>
 <ul>
 <li>How to report an incident</li>
@@ -86,17 +88,11 @@
 <li>Restoring system</li>
 </ul>
 
-<note>
-Please note that each version concentrates on one subject at a time.  This is for
-quality assurance purposes.
-</note>
-
 </body>
 </section>
 -->
 
 <part>
-
 <title>System Security</title>
 <abstract>
 Harden different parts of your system to make it more secure.
@@ -213,6 +209,6 @@
 </abstract>
   <include href="shb-uptodate.xml"/>
 </chapter>
-
 </part>
+
 </book>



1.6                  xml/htdocs/doc/en/security/shb-logging.xml

file : http://sources.gentoo.org/viewcvs.py/gentoo/xml/htdocs/doc/en/security/shb-logging.xml?rev=1.6&view=markup
plain: http://sources.gentoo.org/viewcvs.py/gentoo/xml/htdocs/doc/en/security/shb-logging.xml?rev=1.6&content-type=text/plain
diff : http://sources.gentoo.org/viewcvs.py/gentoo/xml/htdocs/doc/en/security/shb-logging.xml?r1=1.5&r2=1.6

Index: shb-logging.xml
===================================================================
RCS file: /var/cvsroot/gentoo/xml/htdocs/doc/en/security/shb-logging.xml,v
retrieving revision 1.5
retrieving revision 1.6
diff -u -r1.5 -r1.6
--- shb-logging.xml	7 Mar 2007 01:51:52 -0000	1.5
+++ shb-logging.xml	2 Apr 2010 07:34:39 -0000	1.6
@@ -1,5 +1,5 @@
 <?xml version='1.0' encoding='UTF-8'?>
-<!-- $Header: /var/cvsroot/gentoo/xml/htdocs/doc/en/security/shb-logging.xml,v 1.5 2007/03/07 01:51:52 nightmorph Exp $ -->
+<!-- $Header: /var/cvsroot/gentoo/xml/htdocs/doc/en/security/shb-logging.xml,v 1.6 2010/04/02 07:34:39 nightmorph Exp $ -->
 <!DOCTYPE sections SYSTEM "/dtd/book.dtd">
 
 <!-- The content of this document is licensed under the CC-BY-SA license -->
@@ -7,8 +7,8 @@
 
 <sections>
 
-<version>1.2</version>
-<date>2005-11-25</date>
+<version>1.3</version>
+<date>2010-04-02</date>
 
 <section>
 <title>Introduction</title>
@@ -208,13 +208,24 @@
 </p>
 
 <pre caption="/etc/syslog-ng/syslog-ng.conf">
-options { chain_hostnames(off); sync(0); };
+options {
+        chain_hostnames(no);
+
+        <comment># The default action of syslog-ng is to log a STATS line
+        # to the file every 10 minutes.  That's pretty ugly after a while.
+        # Change it to every 12 hours so you get a nice daily update of
+        # how many messages syslog-ng missed (0).</comment>
+        stats_freq(43200);
+};
+
+source src {
+    unix-stream("/dev/log" max-connections(256));
+    internal();
+};
 
-#source where to read log
-source src { unix-stream("/dev/log"); internal(); };
 source kernsrc { file("/proc/kmsg"); };
 
-#define destinations
+<comment># define destinations</comment>
 destination authlog { file("/var/log/auth.log"); };
 destination syslog { file("/var/log/syslog"); };
 destination cron { file("/var/log/cron.log"); };
@@ -235,10 +246,16 @@
 destination debug { file("/var/log/debug"); };
 destination messages { file("/var/log/messages"); };
 destination console { usertty("root"); };
+
+<comment># By default messages are logged to tty12...</comment>
 destination console_all { file("/dev/tty12"); };
-destination xconsole { pipe("/dev/xconsole"); };
 
-#create filters
+<comment># ...if you intend to use /dev/console for programs like xconsole
+# you can comment out the destination line above that references /dev/tty12
+# and uncomment the line below.</comment>
+#destination console_all { file("/dev/console"); };
+
+<comment># create filters</comment>
 filter f_authpriv { facility(auth, authpriv); };
 filter f_syslog { not facility(authpriv, mail); };
 filter f_cron { facility(cron); };
@@ -257,10 +274,10 @@
 filter f_warn { level(warn); };
 filter f_crit { level(crit); };
 filter f_err { level(err); };
-filter f_failed { match("failed"); };
-filter f_denied { match("denied"); };
+filter f_failed { message("failed"); };
+filter f_denied { message("denied"); };
 
-#connect filter and destination
+<comment># connect filter and destination</comment>
 log { source(src); filter(f_authpriv); destination(authlog); };
 log { source(src); filter(f_syslog); destination(syslog); };
 log { source(src); filter(f_cron); destination(cron); };
@@ -277,7 +294,7 @@
 log { source(src); filter(f_messages); destination(messages); };
 log { source(src); filter(f_emergency); destination(console); };
 
-#default log
+<comment># default log</comment>
 log { source(src); destination(console_all); };
 </pre>
 





Navigation:
Lists: gentoo-doc-cvs: < Prev By Thread Next > < Prev By Date Next >
Previous by thread:
gentoo commit in xml/htdocs/doc/en: kernel-config.xml
Next by thread:
gentoo commit in xml/htdocs/doc/en/handbook: hb-net-start.xml
Previous by date:
gentoo commit in xml/htdocs/doc/en: java.xml
Next by date:
gentoo commit in xml/htdocs/doc/en: power-management-guide.xml


Updated Jun 30, 2012

Summary: Archive of the gentoo-doc-cvs mailing list.

Donate to support our development efforts.

Copyright 2001-2013 Gentoo Foundation, Inc. Questions, Comments? Contact us.