deimos.autonlab.org daily insecurity output

Charlie Root auton.sysnotify at gmail.com
Thu May 16 01:35:43 EDT 2019 

Running security(8):

======
/etc/group diffs (-OLD  +NEW)
======
--- /var/backups/etc_group.current	Wed May  8 01:30:06 2019
+++ /etc/group	Wed May 15 23:00:46 2019
@@ -89,3 +89,4 @@
 _hping:*:784:
 _iftop:*:615:
 _vnstat:*:658:
+_rsync:*:669:


======
/etc/ldapd.conf diffs (-OLD  +NEW)
======
--- /dev/null	Thu May 16 01:35:42 2019
+++ /etc/ldapd.conf	Thu May 16 01:12:41 2019
@@ -0,0 +1,18 @@
+#	$OpenBSD: ldapd.conf,v 1.1 2014/07/11 21:20:10 deraadt Exp $
+
+schema "/etc/ldap/core.schema"
+schema "/etc/ldap/inetorgperson.schema"
+schema "/etc/ldap/nis.schema"
+
+listen on lo0 tls certificate deimos
+listen on ix0 tls certificate deimos
+listen on "/var/run/ldapi"
+
+namespace "dc=autonlab,dc=org" {
+	rootdn		"cn=admin,dc=autonlab,dc=org"
+	rootpw		"{SSHA}WGCtiE9IqvigDsVuQ0fPJPQfB6QiIf8Q"
+	index		sn
+	index		givenName
+	index		cn
+	index		mail
+}


======
/etc/passwd diffs (-OLD  +NEW)
======
--- /var/backups/etc_passwd.current	Wed May  8 01:30:06 2019
+++ /etc/passwd	Wed May 15 23:00:46 2019
@@ -70,3 +70,4 @@
 _hping:*:784:784:hping privdrop user:/nonexistent:/sbin/nologin
 _iftop:*:615:615:iftop user:/nonexistent:/sbin/nologin
 _vnstat:*:658:658:vnstat daemon:/var/db/vnstat:/sbin/nologin
+_rsync:*:669:669:rsync Daemon:/var/empty:/sbin/nologin


======
/etc/pf.conf diffs (-OLD  +NEW)
======
--- /var/backups/etc_pf.conf.current	Thu May  9 01:35:50 2019
+++ /etc/pf.conf	Wed May 15 15:03:41 2019
@@ -61,3 +61,5 @@
 
 pass inet proto tcp from {$auton_lan, $auton_vpn} to any port $tcp_services_int
 pass inet proto udp from {$auton_lan, $auton_vpn} to any port $udp_services_int
+
+pass on em1


======
/etc/pwd.db SHA-256 checksums
======
OLD: 24e0b287197f3f97371c198f2a41ade1132d2861c9cb14ad2a29ec53d5cc8b65
NEW: f71314bcc9812b0f3bb6a90d22d0d1fc877199ca59097969b8becb589db40968

======
/etc/rc.conf.local diffs (-OLD  +NEW)
======
--- /var/backups/etc_rc.conf.local.current	Thu May  9 01:35:50 2019
+++ /etc/rc.conf.local	Thu May 16 01:06:46 2019
@@ -1,5 +1,7 @@
-pkg_scripts=sshguard monit collectd smartd
-unbound_flags=
-snmpd_flags=
+ldapd_flags=
+openvpn_flags=--config /etc/openvpn/server.conf
+pkg_scripts=sshguard monit collectd smartd openvpn
 sensorsd_flags=
+snmpd_flags=
 syslogd_flags="-h"
+unbound_flags=


======
/etc/spwd.db SHA-256 checksums
======
OLD: acc76bd467bec9dbc2b1ab5ab7f1a4323ed3099cab9f0c4c05ca5e9f8a8f3aef
NEW: 2778aa42d40713bc76f3eb18b2f6148a28dec631fda4aafbf44a00360eadcb2d

======
/var/unbound/etc/unbound.conf diffs (-OLD  +NEW)
======
--- /var/backups/var_unbound_etc_unbound.conf.current	Thu May  9 01:35:50 2019
+++ /var/unbound/etc/unbound.conf	Thu May 16 00:02:12 2019
@@ -3,7 +3,7 @@
 server:
 	interface: 127.0.0.1
 	interface: 192.168.6.250
-	#interface: 10.8.0.1
+	interface: 10.8.0.1
 	#interface: 127.0.0.1 at 5353	# listen on alternative port
 	interface: ::1
 	do-ip6: no


======
Package list changes (-OLD  +NEW)
======
--- /var/backups/pkglist.current	Wed May  8 01:30:07 2019
+++ /var/backups/pkglist	Thu May 16 01:35:43 2019
@@ -4,6 +4,7 @@
 collectd-5.8.1      system metrics collection engine
 collectd-rrdtool-5.8.1 collectd rrdtool plugin
 curl-7.64.1         get files from FTP, Gopher, HTTP or HTTPS servers
+cyrus-sasl-2.1.27p1 RFC 2222 SASL (Simple Authentication and Security Layer)
 detox-1.2.0         utility designed to clean up filenames
 dnstop-20140915p0   pcap-based DNS query monitor
 dos2unix-7.4.0      convert DOS/MAC files to UNIX (line-endings/charset)
@@ -19,7 +20,9 @@
 iftop-1.0pre4p2     display bandwidth usage on an interface
 intel-firmware-20180807p0v0 microcode update binaries for Intel CPUs
 iperf-2.0.12p0      tool for measuring maximum TCP and UDP bandwidth
+ipmitool-1.8.18p0   manage and configure devices that support IPMI
 jpeg-2.0.2v0        SIMD-accelerated JPEG codec replacement of libjpeg
+ldapvi-1.7p7        update LDAP entries with a text editor
 libffi-3.2.1p5      Foreign Function Interface
 libgcrypt-1.8.4p0   crypto library based on code used in GnuPG
 libgpg-error-1.36   error codes for GnuPG related software
@@ -41,6 +44,7 @@
 nghttp2-1.37.0      library for HTTP/2
 nginx-1.14.2        robust and small HTTP server and mail proxy server
 nmap-7.70p1         scan ports and fingerprint stack of network hosts
+openldap-client-2.4.47p0 open-source LDAP software (client)
 openvpn-2.4.7p1     easy-to-use, robust, and highly configurable VPN
 p5-IPC-Run-0.96     run a subprocess
 p5-Time-Duration-1.20v0 module for rounded or exact english expression of durations
@@ -49,10 +53,12 @@
 pcre-8.41p2         perl-compatible regular expression library
 pftop-0.7p18        curses-based real time state and rule display for pf
 png-1.6.35          library for manipulating PNG images
+popt-1.16p1         getopt(3)-like library with a number of enhancements
 python-3.6.8p0      interpreted object-oriented programming language
 quirks-3.124        exceptions to pkg_add rules
 rrdtool-1.7.1       system to store and display time-series data
 rrdupdate-1.7.1     lightweight update-only tool for rrdtool
+rsync-3.1.3         mirroring/synchronization over low bandwidth links
 scrypt-1.2.1        command-line encryption using scrypt key derivation function
 smartmontools-7.0   control and monitor storage systems using SMART
 sqlite3-3.27.2p0    embedded SQL implementation

More information about the Autonlab-sysinfo mailing list