Port details |
- bsmtrace BSM based intrusion detection system
- 1.4_2 security
- Version of this port present on the latest quarterly branch: 1.4_2
- Maintainer: csjp@FreeBSD.org
- Port Added: 2007-07-15 17:47:52
- Last Update: 2024-01-10 15:29:49
- Commit Hash: e4610fc
- People watching this port also watch: fping, lft, rrdtool, tor, openssl
- License: BSD2CLAUSE
- WWW:
- https://people.freebsd.org/~csjp/bsmtrace/bsmtrace.txt
- Description:
- bsmtrace is a BSM based intrusion detection system, utilizing audit trails
and real-time audit event analysis through auditpipe(4). This host based
IDS operates using finite state machine principles with a flexible
sequence driven signature system.
- Manual pages:
- FreshPorts has no man page information for this port.
- pkg-plist: as obtained via: make generate-plist
- Dependency lines:
- bsmtrace>0:security/bsmtrace
- To install the port:
- cd /usr/ports/security/bsmtrace/ && make install clean
- To add the package, run one of these commands:
- pkg install security/bsmtrace
- pkg install bsmtrace
NOTE: If this package has multiple flavors (see below), then use one of them instead of the name specified above.
- PKGNAME: bsmtrace
- Flavors: there is no flavor information for this port.
- distinfo:
- SHA256 (bsmtrace-1.4.tar.gz) = c325a3246ace8aef835b30f542a3028c3f1a14784c8e83236624f04d26269f95
SIZE (bsmtrace-1.4.tar.gz) = 25169
- This port has no dependencies.
- There are no ports dependent upon this port
Configuration Options:
- ===> The following configuration options are available for bsmtrace-1.4_2:
EXAMPLES=on: Build and/or install examples
PCRE=off: Use Perl Compatible Regular Expressions
===> Use 'make config' to modify these settings
- Options name:
- security_bsmtrace
- FreshPorts was unable to extract/find any pkg message
- Master Sites:
|
Commit History - (may be incomplete: for full details, see links to repositories near top of page) |
Commit | Credits | Log message |
1.4_2 10 Jan 2024 15:29:49 |
Baptiste Daroussin (bapt) |
MAN?PREFIX: eliminate its usage and move man to share/man |
07 Sep 2022 21:58:51 |
Stefan Eßer (se) |
Remove WWW entries moved into port Makefiles
Commit b7f05445c00f has added WWW entries to port Makefiles based on
WWW: lines in pkg-descr files.
This commit removes the WWW: lines of moved-over URLs from these
pkg-descr files.
Approved by: portmgr (tcberner) |
1.4_1 07 Sep 2022 21:10:59 |
Stefan Eßer (se) |
Add WWW entries to port Makefiles
It has been common practice to have one or more URLs at the end of the
ports' pkg-descr files, one per line and prefixed with "WWW:". These
URLs should point at a project website or other relevant resources.
Access to these URLs required processing of the pkg-descr files, and
they have often become stale over time. If more than one such URL was
present in a pkg-descr file, only the first one was transferred into
the port INDEX, but for many ports only the last line did contain the
port specific URL to further information.
There have been several proposals to make a project URL available as
a macro in the ports' Makefiles, over time.
(Only the first 15 lines of the commit message are shown above ) |
1.4_1 20 Jul 2022 14:22:56 |
Tobias C. Berner (tcberner) |
security: remove 'Created by' lines
A big Thank You to the original contributors of these ports:
* <ports@c0decafe.net>
* Aaron Dalton <aaron@FreeBSD.org>
* Adam Weinberger <adamw@FreeBSD.org>
* Ade Lovett <ade@FreeBSD.org>
* Aldis Berjoza <aldis@bsdroot.lv>
* Alex Dupre <ale@FreeBSD.org>
* Alex Kapranoff <kappa@rambler-co.ru>
* Alex Samorukov <samm@freebsd.org>
* Alexander Botero-Lowry <alex@foxybanana.com>
* Alexander Kriventsov <avk@vl.ru>
* Alexander Leidinger <netchild@FreeBSD.org>
(Only the first 15 lines of the commit message are shown above) |
1.4_1 06 Apr 2021 14:31:07 |
Mathieu Arnold (mat) |
Remove # $FreeBSD$ from Makefiles. |
1.4_1 24 Aug 2020 00:28:45 |
kevans |
security/bsmtrace: backport the -fno-common fix
This port is the older version of bsmtrace and should go away in due time,
but it's easy enough to backport the fix in the meantime. This version did
need an additional fix to log.{c,h} that was no longer needed in 3.x.
PR: 248756
Approved by: csjp (maintainer, also discussed with)
MFH: 2020Q3 (-fno-common build fix) |
1.4_1 16 Apr 2020 00:27:18 |
kevans |
security/bsmtrace: switch MAINTAINER over to csjp@
alm@ and csjp@ are both upstream maintainers of bsmtrace; they've decided to
transfer maintainership of bsmtrace over to csjp@. PORTREVISION bump to
reflect the new maintainer in the package.
Approved by: alm (maintainer, via e-mail)
Approved by: koobs (mentor, ports)
MFH: 2020Q2 (blanket: metadata update, MAINTAINER consistency) |
1.4 14 Aug 2019 12:16:13 |
mat |
Convert to UCL & cleanup pkg-message (categories s) |
1.4 23 Jul 2017 09:01:04 |
amdmi3 |
- Add LICENSE
- Switch to options helpers
- Update WWW
Approved by: portmgr blanket |
1.4 30 Jul 2016 00:00:11 |
bapt |
Prevent collision with dprintf(3) |
1.4 01 Apr 2016 14:25:18 |
mat |
Remove ${PORTSDIR}/ from dependencies, categories r, s, t, and u.
With hat: portmgr
Sponsored by: Absolight |
1.4 08 Oct 2015 15:12:22 |
olgeni |
Remove trailing whitespace from Makefiles, M-X. |
1.4 14 May 2015 10:15:09 |
mat |
MASTER_SITES cleanup.
- Replace ${MASTER_SITE_FOO} with FOO.
- Merge MASTER_SITE_SUBDIR into MASTER_SITES when possible. (This means 99.9%
of the time.)
- Remove occurrences of MASTER_SITE_LOCAL when no subdirectory was present and
no hint of what it should be was present.
- Fix some logic.
- And generally, make things more simple and easy to understand.
While there, add magic values to the FESTIVAL, GENTOO, GIMP, GNUPG, QT and
SAMBA macros.
Also, replace some EXTRACT_SUFX occurrences with USES=tar:*.
Checked by: make fetch-urlall-list
With hat: portmgr
Sponsored by: Absolight |
1.4 13 Nov 2014 09:02:57 |
antoine |
Cleanup plist |
1.4 11 Jun 2014 14:50:00 |
tijl |
Support LIBS like LDFLAGS.
- Add LIBS="${LIBS}" to MAKE_ENV and CONFIGURE_ENV.
- Add an option helper for LIBS.
- Adjust all ports that already use LIBS. Also remove references to
PTHREAD_CFLAGS and PTHREAD_LIBS while here.
- Some ports did not support having a LIBS environment variable and
required additional patches.
Somewhat simplified a linker command line looks like:
${CC} ${src_LDFLAGS} ${LDFLAGS} ${src_LIBS} ${LIBS}
where src_LDFLAGS and src_LIBS are controlled by upstream and LDFLAGS and
LIBS can be controlled by us. If possible -L and -l flags need to be
(Only the first 15 lines of the commit message are shown above) |
1.4 09 Feb 2014 20:29:37 |
lme |
Update to 1.4
PR: ports/186595
Submitted by: maintainer
Approved by: maintainer |
1.3_3 08 Feb 2014 20:54:45 |
ehaupt |
- Support staging
- Respect CC
- Respect CFLAGS
- Fix build with PCRE option
- Convert to OPTIONSng |
1.3_2 20 Sep 2013 22:55:26 |
bapt |
Add NO_STAGE all over the place in preparation for the staging support (cat:
security) |
1.3_2 10 Dec 2012 19:11:12 |
mm |
Update PCRE to 8.32
Introduces the UTF-32 library pcre32
Bump PORTREVISION in dependent ports |
1.3_1 25 May 2012 17:15:53 |
crees |
Set MAKE_JOBS_UNSAFE-- does not build with FORCE_MAKE_JOBS
PR: ports/167599
Submitted by: Bryan Drewery <bryan@shatow.net>
Approved by: alm (maintainer)
Remove compatibility for FreeBSD <7; obsolete versions
PR: ports/168280
Submitted by: crees
Approved by: alm (maintainer) |
1.3_1 14 Feb 2012 12:45:35 |
mm |
Bump pcre library dependency due to 8.30 update |
1.3 06 Jun 2011 17:06:36 |
csjp |
Update bsmtrace port to version 1.3
-Add support for larger set sizes (for group/user specifications)
-Add the ability to pass the effective uid to a trigger
-Fixed bug which resulted in "status" being ignored for single
state sequences
-Added support for logging channels.
-Added support for state triggers.
-Fixed bug where alerts were being produced for state machines
that have been expired. (Alerts have already been generated).
-Fixed two memory leaks which could really impact systems with high
volumes of audit records.
Approved by: wxs
Reviewed by: alm (maintainer) |
1.1.0 24 Oct 2007 01:08:36 |
csjp |
Update bsmtrace to 1.1.0.
1.1.0 fixes a pretty serious bug which resulted in BSM records without
pathname tokens being processed in some cases.
Additionally, timeout-window and timeout-probability features were added
to allow people defining sequences with timeouts to add an element of
randomness to the timeout, in theory making it more difficult for people
to attack.
timeout 60;
timeout-window 10;
timeout-probability 65;
Basically equates to:
"This sequence should timeout in a random amount of time, where the
probability of the timeout being from 60-70 is 65%"
It should be noted that there is a probability of 35% that the value will
be completely random. So naturally, the lower the timeout-probability, the
more random the timeout will be.
Approved by: tmclaugh |
1.0.3 15 Jul 2007 17:46:42 |
csjp |
Add the bsmtrace port.
bsmtrace is an audit driven host based intrusion detection system which
operates on finite state machine principles. Since it's audit driven,
it requires that operating system security auditing be enabled. This
requires FreeBSD 6.2 at a minimum. By default it provides real-time
analysis through the use of an audit pipe, however it can operate on
regular audit trail files as well.
Approved by: Pav
Reviewed by: Pav (and others) |