Audit Class Lab

Tue Jul 28 13:05:06 UTC 2015

Hi,
A little off topic, but maybe the answer is known.
 is there a similar event to 2015 Defense in Depth in Europe.
I would have a hard time to get approval for a one day session in the US.

Regards
Philippe

-----Message d'origine-----
De : linux-audit-bounces at redhat.com [mailto:linux-audit-bounces at redhat.com] De la part de linux-audit-request at redhat.com
Envoyé : lundi 27 juillet 2015 18:00
À : linux-audit at redhat.com
Objet : Linux-audit Digest, Vol 130, Issue 18

Send Linux-audit mailing list submissions to
        linux-audit at redhat.com

To subscribe or unsubscribe via the World Wide Web, visit
        https://www.redhat.com/mailman/listinfo/linux-audit
or, via email, send a message with subject or body 'help' to
        linux-audit-request at redhat.com

You can reach the person managing the list at
        linux-audit-owner at redhat.com

When replying, please edit your Subject line so it is more specific than "Re: Contents of Linux-audit digest..."

Today's Topics:

   1. Re: FTBFS with clang instead of gcc (Zbigniew J?drzejewski-Szmek)
   2. Re: Audit class/lab (Steve Grubb)

----------------------------------------------------------------------

Message: 1
Date: Sun, 26 Jul 2015 21:49:50 +0000
From: Zbigniew J?drzejewski-Szmek <zbyszek at in.waw.pl>
To: Laurent Bigonville <bigon at debian.org>
Cc: linux-audit at redhat.com, 787066-forwarded at bugs.debian.org
Subject: Re: FTBFS with clang instead of gcc
Message-ID: <20150726214950.GC27014 at in.waw.pl>
Content-Type: text/plain; charset=us-ascii

On Sun, Jul 26, 2015 at 03:58:44PM +0200, Laurent Bigonville wrote:
> Hi,
>
> Apparently audit is FTBFS with clang due to the embedded version of
> libev with the following error (see: [0]):
>
> ../../../../src/libev/ev.c:970:42: error: '_Noreturn' keyword must
> precede function declarator
>
> The bug[0] provides a patch. I don't think this has been fixed
> upstream yet. There was however a small thread [1] about this on
> upstream ML.
>
> Not sure what's the policy regarding patching embedded copy of libev.
The policy is to kill the embedded copy as soon as possible.
Seems like a good time to do that.

Zbyszek

------------------------------

Message: 2
Date: Mon, 27 Jul 2015 09:35:56 -0400
From: Steve Grubb <sgrubb at redhat.com>
To: burn at swtf.dyndns.org
Cc: "linux-audit at redhat.com" <linux-audit at redhat.com>
Subject: Re: Audit class/lab
Message-ID: <15980868.FdKdW6R9DX at x2>
Content-Type: text/plain; charset="us-ascii"

On Saturday, July 25, 2015 08:39:22 AM Burn Alting wrote:
> Steve,
>
> The agenda infers that to attend a lab, you must bring a wifi-capable
> laptop with an SSH client installed.
>
> Is this a requirement for your lab or just the Applied SCAP Lab?

Its not my requirement. However, since it will be about Linux auditing and people are requested to have a laptop with a linux image available, ssh client should be there. Again, no plans for ssh right now.

-Steve

> On Thu, 2015-07-16 at 14:12 -0400, Steve Grubb wrote:
> > On Thursday, July 16, 2015 05:03:26 PM Smith, Gary R wrote:
> > > Any chance that your presentation would get recorded for later
> > > viewing by those of us who have no budget for travel at the end of
> > > the fiscal year?
> >
> > This presentation will not be recorded. Slides will be available. I
> > might do something separately from this conference so that there's
> > something people can watch. But I expect the lab to be interactive
> > where people can say, "We have these requirements, what would be the best way to do it?"
> > And sometimes, there isn't a best way and I take notes to look into
> > it more deeply.
> >
> > -Steve
> >
> > > On 07/15/2015 03:22 PM, Steve Grubb wrote:
> > > > Hello,
> > > >
> > > > I normally don't put the word out about speeches I give, or
> > > > things like that. But I am going to be teaching a hands-on audit
> > > > class to demonstrate how to configure, setup rules, and do
> > > > searching and reporting using the native linux audit tools.
> > > >
> > > > The lab will be part of the Defence in Depth conference in
> > > > Washington (Tyson's Cormers, VA) on Sept 1. Its free, you just have to register.
> > > > More info:
> > > >
> > > > http://www.redhat.com/en/about/events/2015-defense-depth
> > > >
> > > > I will be going over new features that aids insider threat
> > > > detection and signs of intrusion in addition to basics. Bring
> > > > your questions and problems, let's talk.
> > > >
> > > > -Steve
> > > >
> > > > --
> > > > Linux-audit mailing list
> > > > Linux-audit at redhat.com
> > > > https://www.redhat.com/mailman/listinfo/linux-audit
> >
> > --
> > Linux-audit mailing list
> > Linux-audit at redhat.com
> > https://www.redhat.com/mailman/listinfo/linux-audit

------------------------------

--
Linux-audit mailing list
Linux-audit at redhat.com
https://www.redhat.com/mailman/listinfo/linux-audit

End of Linux-audit Digest, Vol 130, Issue 18
********************************************

Ce message et les pièces jointes sont confidentiels et réservés à l'usage exclusif de ses destinataires. Il peut également être protégé par le secret professionnel. Si vous recevez ce message par erreur, merci d'en avertir immédiatement l'expéditeur et de le détruire. L'intégrité du message ne pouvant être assurée sur Internet, la responsabilité de Worldline ne pourra être recherchée quant au contenu de ce message. Bien que les meilleurs efforts soient faits pour maintenir cette transmission exempte de tout virus, l'expéditeur ne donne aucune garantie à cet égard et sa responsabilité ne saurait être recherchée pour tout dommage résultant d'un virus transmis.

This e-mail and the documents attached are confidential and intended solely for the addressee; it may also be privileged. If you receive this e-mail in error, please notify the sender immediately and destroy it. As its integrity cannot be secured on the Internet, the Worldline liability cannot be triggered for the message content. Although the sender endeavours to maintain a computer virus-free network, the sender does not warrant that this transmission is virus-free and will not be liable for any damages resulting from any virus transmitted.