From: deb@freebsdfoundation.org   
      
   The FreeBSD Foundation is pleased to announce that Pawel Jakub Dawidek has   
   been awarded a grant to implement auditdistd daemon.   
      
   The FreeBSD audit facility provides fine-grained, configurable logging   
   of security-relevant events.  One of the key purposes of logging   
   security events is postmortem analysis in case of system compromise.   
   Currently the kernel can push audit records directly into a file or make   
   them available through /dev/auditpipe device.  Because audit logs are   
   stored locally by the kernel, an attacker has access to them once the   
   system is compromised, which enables him to remove trails of his   
   activity.   
      
   The auditdistd project goal is to securely and reliabily distribute   
   audit records over the TCP/IP network from a local auditdistd daemon to   
   a remote auditdistd daemon. In case of source system compromise,   
   attacker's activity can be analysed using data collected by the remote   
   system, as only remote system's audit logs can be trusted then.   
      
   The project will conclude in February 2012.   
      
   _______________________________________________   
   freebsd-announce@freebsd.org mailing list   
   http://lists.freebsd.org/mailman/listinfo/freebsd-announce   
   To unsubscribe, send any mail to "freebsd-announce-unsubscribe@freebsd.org"   
      
   --- SoupGate-Win32 v1.05   
    * Origin: you cannot sedate... all the things you hate (1:229/2)