Re: [Fed-Talk] [UPDATE STATUS] BSM Auditing on 10.5 - Event Logging Failure
Re: [Fed-Talk] [UPDATE STATUS] BSM Auditing on 10.5 - Event Logging Failure
- Subject: Re: [Fed-Talk] [UPDATE STATUS] BSM Auditing on 10.5 - Event Logging Failure
- From: Boyd Fletcher <email@hidden>
- Date: Tue, 24 Jun 2008 14:15:34 -0400
- Thread-topic: [Fed-Talk] [UPDATE STATUS] BSM Auditing on 10.5 - Event Logging Failure
Title: Re: [Fed-Talk] [UPDATE STATUS] BSM Auditing on 10.5 - Event Logging Failure
Shawn,
any chance apple is going to include the auditing tools as part of the base distribution.
boyd
On 6/20/08 12:00 PM, "Shawn Geddis" <email@hidden> wrote:
Fed-Talk Mac "BSM Auditing" Users,
On April 23, I happily announced the final availability of *Auditing Tools* for Mac OS X 10.5 (PPC/Intel). Quickly upon the heels of that announcement, several of you indicated event logging failures on your systems. Here is a brief update on that situation.
Problem Status: *Active*
Platform Affected: Mac OS X 10.5.x
Services Affected: BSM - Auditing
ETA for a Fix: Unknown at this time
Work-a-round: No current work-a-round at this point
Delivery Vehicle: Will require a Mac OS X 10.5.x Software Update
A bit more detail for those interested:
We realize in the end, it doesn't matter much to you the end user, but the problem does not lie within the Auditing Tools. The regression was within Mac OS X 10.5.x itself relating to changes made within and between the Launch Services and Login Window Architectures. This effectively broke the ability of the BSM Auditing subsystem from actively and correctly generating the expected audit records many have come to know and love.
As noted above, this will require an update to Mac OS X 10.5 itself and will not require any changes to the auditing subsystem or related tools installer.
/* Personal Request */
It is very unfortunate that the original *Auditing Tools* were named *Common Criteria Tools*. It was both unfortunate and incorrect -- and continues to be technically incorrect. This began at Apple and is currently still reflected on public facing web pages @ Apple.com. Until I can get that remedied, I would like to ask a personal favor of all of us intimately involved and familiar with the technology and process.
Can we all refer to them as "BSM Auditing and Auditing Tools" moving forward ? :-)
Those that do so will add a few years back to the end of my life. :-) Thanks in advance!
/* Personal Request */
- Shawn
_____________________________________________________
Shawn Geddis - Security Consulting Engineer - Apple Enterprise
On Apr 23, 2008, at 5:13 PM, Shawn A. Geddis wrote:
Fed-Talk Subscribers,
I am very happy to *finally* be able to announce to you that the Auditing Tools for 10.5 (PPC/Intel) are publicly available.
http://www.apple.com/support/downloads/commoncriteriatoolsfor105.html
Common Criteria Tools for 10.5
About Common Criteria Tools for 10.5
An internationally approved set of security standards which provides a clear and reliable evaluation of the security capabilities of Information Technology products. By providing an independent assessment of a products ability to meet security standards, Common Criteria gives customers more confidence in the security of Information Technology products and leads to more informed decisions.
Security-conscious customers, such as the U.S. Federal Government, are requiring Common Criteria certification as a determining factor in purchasing decisions. Since the requirements for certification are clearly established, vendors can target very specific security needs while providing broad product offerings.
The international scope of Common Criteria, currently adopted by fourteen nations, allows users from other countries to purchase Information Technology products with the same level of confidence, since certification is recognized across all complying nations.
SHA 1 digest =da6901baa2dd5a759335c08c91417477633e2da4
For detailed information on SHA 1 Digest, please visit this website:http://www.info.apple.com/kbnum/n75510
Additional Resources
Common Criteria Support <http://www.apple.com/support/security/commoncriteria>
White Paper <http://images.apple.com/support/security/commoncriteria/CC_Whitepaper.pdf>
Admin Guide <http://images.apple.com/support/security/commoncriteria/CC_AdminGuide.pdf>
Download Details
Version:
Post Date:April 23, 2008
License:Update
File Size:103KB <http://wsidecar.apple.com/cgi-bin/nph-reg3rdpty2.pl/product=18796&cat=59&platform=osx&method=sa/CommonCriteriaTools.dmg>
This download supports:
System Requirements
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden