* [refpolicy] services_snort.patch
@ 2009-06-09 1:09 Daniel J Walsh
2009-07-27 20:04 ` Chris PeBenito
0 siblings, 1 reply; 9+ messages in thread
From: Daniel J Walsh @ 2009-06-09 1:09 UTC (permalink / raw)
To: refpolicy
http://people.fedoraproject.org/~dwalsh/SELinux/F11/services_snort.patch
Interface with prelude.
^ permalink raw reply [flat|nested] 9+ messages in thread
* [refpolicy] services_snort.patch
@ 2010-08-26 22:21 Daniel J Walsh
2010-09-15 13:24 ` Christopher J. PeBenito
0 siblings, 1 reply; 9+ messages in thread
From: Daniel J Walsh @ 2010-08-26 22:21 UTC (permalink / raw)
To: refpolicy
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
http://people.fedoraproject.org/~dwalsh/SELinux/F14/services_snort.patch
Reads kernel network state
uses usbmon device
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.16 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/
iEYEARECAAYFAkx26QMACgkQrlYvE4MpobNWAgCg6FKvaYKBkQ6p4J2HC+pxpKsH
JSgAoM4S1wdDxDwzw0S68Ni0jqXrmpQ8
=08UV
-----END PGP SIGNATURE-----
^ permalink raw reply [flat|nested] 9+ messages in thread
* [refpolicy] services_snort.patch
@ 2010-02-23 20:56 Daniel J Walsh
0 siblings, 0 replies; 9+ messages in thread
From: Daniel J Walsh @ 2010-02-23 20:56 UTC (permalink / raw)
To: refpolicy
http://people.fedoraproject.org/~dwalsh/SELinux/F13/services_snort.patch
snort creates generic sockets
We can dontaudit read of system state
rearrage kernel calls and allow snort to request the kernel load a module.
uses usbmod and genrice usb devices.
^ permalink raw reply [flat|nested] 9+ messages in thread
* [refpolicy] services_snort.patch
@ 2009-03-05 17:05 Daniel J Walsh
0 siblings, 0 replies; 9+ messages in thread
From: Daniel J Walsh @ 2009-03-05 17:05 UTC (permalink / raw)
To: refpolicy
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
http://people.fedoraproject.org/~dwalsh/SELinux/F11/services_snort.patch
snort uses prelude port
reads kernel sysctl
Prelude fixes.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org
iEYEARECAAYFAkmwBj8ACgkQrlYvE4MpobP29gCeMuz61PYacDRniei52F4KIcHq
kyoAoK/pzq7EH58fK1dqQaGmV0sR1b5C
=QEvj
-----END PGP SIGNATURE-----
^ permalink raw reply [flat|nested] 9+ messages in thread
* [refpolicy] services_snort.patch
@ 2008-09-24 19:59 Daniel J Walsh
2008-10-09 18:09 ` Christopher J. PeBenito
0 siblings, 1 reply; 9+ messages in thread
From: Daniel J Walsh @ 2008-09-24 19:59 UTC (permalink / raw)
To: refpolicy
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
http://people.fedoraproject.org/~dwalsh/SELinux/F10/services_snort.patch
New path for snort
snort now uses /var/run/snort
Add initrc script support
allow admin to start/stop service
Admin needs admin_pattern on all file types
snort uses the netlinkg_firewall_socket
connects to the prelude port
reads random devices
reads utmp file
resolves hostnames
playes with prelude
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org
iEYEARECAAYFAkjanCcACgkQrlYvE4MpobMP3QCgo2zQdPjF9tnFxRDY5UDi+GrM
YlYAniNBcZ8xRMFmtWcLHUqskeFKN8ng
=W9eu
-----END PGP SIGNATURE-----
^ permalink raw reply [flat|nested] 9+ messages in thread
end of thread, other threads:[~2010-09-15 13:24 UTC | newest]
Thread overview: 9+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2009-06-09 1:09 [refpolicy] services_snort.patch Daniel J Walsh
2009-07-27 20:04 ` Chris PeBenito
-- strict thread matches above, loose matches on Subject: below --
2010-08-26 22:21 Daniel J Walsh
2010-09-15 13:24 ` Christopher J. PeBenito
2010-02-23 20:56 Daniel J Walsh
2009-03-05 17:05 Daniel J Walsh
2008-09-24 19:59 Daniel J Walsh
2008-10-09 18:09 ` Christopher J. PeBenito
2008-10-10 20:40 ` Daniel J Walsh
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.