Re: [Fed-Talk] Apple - Support - Downloads - Common Criteria Toolsfor 10.5
Re: [Fed-Talk] Apple - Support - Downloads - Common Criteria Toolsfor 10.5
- Subject: Re: [Fed-Talk] Apple - Support - Downloads - Common Criteria Toolsfor 10.5
- From: Todd Heberlein <email@hidden>
- Date: Thu, 24 Apr 2008 18:13:11 -0700
On Apr 24, 2008, at 9:03 AM, Rich Trouton wrote:
There's a third-party open-source utility called bsmGUI ( http://
sourceforge.net/projects/bsmgui ), but I haven't been able to get
that working on my Mac servers. Has anyone had better luck?
Apple's BSM for Tiger on Intel and PowerPC have different byte
orderings, so you cannot use Apple's supplied tools to analyze a
PowerPC audit trail on an Intel machine and vice versa. A tool that
doesn't take different byte ordering into account will have "issues".
Also, Solaris has many audit records (and tokens) that you won't find
in Apple's, and vice versa. And unfortunately, many of these audit
records and tokens are *not* documented anywhere.
I haven't had a chance to sit down with the Leopard audit trails to
look at byte ordering or audit record formats there yet.
Todd
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden