diff options
Diffstat (limited to 'security')
28 files changed, 55 insertions, 55 deletions
diff --git a/security/amavisd-new/files/pkg-message.in b/security/amavisd-new/files/pkg-message.in index 3fe030a..e168d4a 100644 --- a/security/amavisd-new/files/pkg-message.in +++ b/security/amavisd-new/files/pkg-message.in @@ -3,7 +3,7 @@ To use amavisd-new, you need to install at least one virus scanner. The following virus scanners are available in the FreeBSD ports collection: - + /usr/ports/security/clamav Clam Antivirus /usr/ports/security/f-prot F-Prot Antivirus diff --git a/security/bruteblock/files/pkg-message.in b/security/bruteblock/files/pkg-message.in index c012910..9932afc 100644 --- a/security/bruteblock/files/pkg-message.in +++ b/security/bruteblock/files/pkg-message.in @@ -13,15 +13,15 @@ auth.info;authpriv.info |exec %%PREFIX%%/sbin/bruteblock Also you should add ipfw2 table and the corresponding deny rule. For example, -# ipfw add deny ip from table(1) to any +# ipfw add deny ip from table(1) to any - Next, you'll want to setup periodical cleanup of ipfw2 table. Add following + Next, you'll want to setup periodical cleanup of ipfw2 table. Add following lines to /etc/rc.conf: bruteblockd_enable="YES" bruteblockd_table="1" bruteblockd_flags="-s 5" - + and start bruteblockd: %%PREFIX%%/etc/rc.d/bruteblockd.sh start See bruteblock(8) for more details. diff --git a/security/calife/pkg-message b/security/calife/pkg-message index 40c6e5f..6c58ac9 100644 --- a/security/calife/pkg-message +++ b/security/calife/pkg-message @@ -1,5 +1,5 @@ -This version supports (and encourages you to use) PAM. A sample +This version supports (and encourages you to use) PAM. A sample configuration file is in ${PREFIX}/etc/pam.d/calife.sample. Rename it to "calife" to enable PAM authentication. It will fall back to the previous methods if PAM is not available. diff --git a/security/clamav-unofficial-sigs/files/pkg-message.in b/security/clamav-unofficial-sigs/files/pkg-message.in index 0681c17..3fa2404 100644 --- a/security/clamav-unofficial-sigs/files/pkg-message.in +++ b/security/clamav-unofficial-sigs/files/pkg-message.in @@ -6,7 +6,7 @@ it first. Sample configuration files have been installed to: %%ETCDIR%% All user configuration changes should go in file "user.conf". Modify -it according to your needs and when you are done set the value of +it according to your needs and when you are done set the value of "user_configuration_complete" parameter to "yes". NOTE: Starting with version 5.0.0 configuration has been split into @@ -19,7 +19,7 @@ obsolete configuration file: %%PREFIX%%/etc/clamav-unofficial-sigs.conf -To run the script periodically by cron, you also need to add it to +To run the script periodically by cron, you also need to add it to your crontab. Sample crontab and logrotate files are located in: %%EXAMPLESDIR%% diff --git a/security/clamsmtp/files/pkg-message.in b/security/clamsmtp/files/pkg-message.in index 8f8d456..cd10b7e 100644 --- a/security/clamsmtp/files/pkg-message.in +++ b/security/clamsmtp/files/pkg-message.in @@ -3,11 +3,11 @@ Edit /etc/rc.conf and set clamsmtpd_enable="YES" -to enable clamsmtpd. +to enable clamsmtpd. -Also, there is a clamsmtpd.conf-sample in %%PREFIX%%/etc/, +Also, there is a clamsmtpd.conf-sample in %%PREFIX%%/etc/, rename to clamsmtpd.conf, otherwise specify -f option to your -config file. +config file. To work with postfix, See also http://memberwebs.com/nielsen/software/clamsmtp/postfix.html diff --git a/security/denyhosts/files/pkg-message.in b/security/denyhosts/files/pkg-message.in index 8dc8231..ca437a5 100644 --- a/security/denyhosts/files/pkg-message.in +++ b/security/denyhosts/files/pkg-message.in @@ -8,7 +8,7 @@ In order to proper working of denyhosts sshd : /etc/hosts.deniedssh : deny sshd : ALL : allow 2. issue the following command if /etc/hosts.deniedssh does not exist yet -touch /etc/hosts.deniedssh +touch /etc/hosts.deniedssh ------------------------------------------------------------------------------- Warning: diff --git a/security/doorman/files/pkg-message.in b/security/doorman/files/pkg-message.in index c8fc235..9ea2fe4 100644 --- a/security/doorman/files/pkg-message.in +++ b/security/doorman/files/pkg-message.in @@ -3,7 +3,7 @@ To configure Doorman, please edit the files guestlist and doormand.cf found in %%PREFIX%%/etc/doormand. Documentation can be found using: - + $ man guestlist $ man doormand.cf diff --git a/security/dradis/files/pkg-message.in b/security/dradis/files/pkg-message.in index 42841e6..5908775 100644 --- a/security/dradis/files/pkg-message.in +++ b/security/dradis/files/pkg-message.in @@ -5,7 +5,7 @@ For other databases such as MySQL configure the file %%PREFIX%%/dradis/server/config/database.yml - The (SQLite) database can be initialized with the command + The (SQLite) database can be initialized with the command %%PREFIX%%/etc/rc.d/dradis initdb For more information see: diff --git a/security/maia/files/pkg-message.in b/security/maia/files/pkg-message.in index decfa35..98c72b9 100644 --- a/security/maia/files/pkg-message.in +++ b/security/maia/files/pkg-message.in @@ -3,7 +3,7 @@ To use Maia-Mailguard, you need to install at least one virus scanner. The following virus scanners are available in the FreeBSD ports collection: - + security/clamav Clam Antivirus security/f-prot F-Prot Antivirus security/drweb DrWeb antivirus suite diff --git a/security/mailzu/files/pkg-message.in b/security/mailzu/files/pkg-message.in index 5b7aa7e..b9a93c7 100644 --- a/security/mailzu/files/pkg-message.in +++ b/security/mailzu/files/pkg-message.in @@ -1,5 +1,5 @@ %%PKGNAME%% has been installed into: - + %%WWWDIR%% **************************************************** @@ -11,13 +11,13 @@ Then, edit %%WWWDIR%%/config/config.php Also, please note that MailZu needs PHP's short_open_tag boolean to be "on" (this is detault in typical installations of PHP). To be certain, you can set "short_open_tag = on" in -%%LOCALBASE%%/etc/php.ini. +%%LOCALBASE%%/etc/php.ini. -Finally, make MailZu available through your web site. An +Finally, make MailZu available through your web site. An example for httpd.conf: Alias /mailzu/ "%%WWWDIR%%/" - + <Directory "%%WWWDIR%%/"> Options none AllowOverride Limit diff --git a/security/obfsproxy/files/pkg-message.in b/security/obfsproxy/files/pkg-message.in index 1e492d8..171730a6 100644 --- a/security/obfsproxy/files/pkg-message.in +++ b/security/obfsproxy/files/pkg-message.in @@ -5,14 +5,14 @@ As a client, add the following to %%PREFIX%%/etc/tor/torrc: UseBridges 1 Bridge obfs2 x.x.x.x:yyyy FINGERPRINT-OF-BRIDGE - ClientTransportPlugin obfs2 exec %%PREFIX%%/bin/obfsproxy managed + ClientTransportPlugin obfs2 exec %%PREFIX%%/bin/obfsproxy managed or UseBridges 1 Bridge obfs3 u.u.u.u:wwww FINGERPRINT-OF-BRIDGE - ClientTransportPlugin obfs3 exec %%PREFIX%%/bin/obfsproxy managed - + ClientTransportPlugin obfs3 exec %%PREFIX%%/bin/obfsproxy managed + As a bridge, add the following to %%PREFIX%%/etc/tor/torrc: ServerTransportPlugin obfs2,obfs3 exec %%PREFIX%%/bin/obfsproxy managed diff --git a/security/openbsm-devel/files/pkg-message.in b/security/openbsm-devel/files/pkg-message.in index 73a7b28..39cd289 100644 --- a/security/openbsm-devel/files/pkg-message.in +++ b/security/openbsm-devel/files/pkg-message.in @@ -20,7 +20,7 @@ SHA256=8F:0A:FC:8A:3D:09:80:AF:D9:AA:38:CC:8A:86:53:E6:8F:B6:1C:55:30... # dd if=/dev/urandom bs=32 count=1 | openssl base64 | cut -b -32 YjwbK69H5cEBlhcT+eJpJgJTFn5B2SrG -4. Create /etc/security/auditdistd.conf configuration file: +4. Create /etc/security/auditdistd.conf configuration file: receiver { host "<enter hostname of sender here> { remote "tls://<enter IP of sender here>" diff --git a/security/openscep/files/pkg-message.in b/security/openscep/files/pkg-message.in index 83a5e54..d8c4dd6 100644 --- a/security/openscep/files/pkg-message.in +++ b/security/openscep/files/pkg-message.in @@ -8,7 +8,7 @@ You should also include %%PREFIX%%/etc/openscep/openscep.schema into your slapd config (sample of this is at %%PREFIX%%/etc/openscep/slapd.conf). -Furthermore, you should add your ldap directory information from +Furthermore, you should add your ldap directory information from %%PREFIX%%/etc/openscep/openscep.ldif and edit DN specific information there before doing ldapadd. ====================================================================== diff --git a/security/openssh-portable/pkg-message b/security/openssh-portable/pkg-message index c89f7b0..9a781cb 100644 --- a/security/openssh-portable/pkg-message +++ b/security/openssh-portable/pkg-message @@ -11,6 +11,6 @@ OpenSSH port, and if truly necessary, re-enable remote root login by readjusting this option in your sshd_config. Users are encouraged to create single-purpose users with ssh keys, disable -Password authentication by setting 'PasswordAuthentication no' and +Password authentication by setting 'PasswordAuthentication no' and 'ChallengeResponseAuthentication no', and to define very narrow sudo privileges instead of using root for automated tasks. diff --git a/security/openssl_tpm_engine/files/pkg-message.in b/security/openssl_tpm_engine/files/pkg-message.in index 68bdf78..c2aa43e 100644 --- a/security/openssl_tpm_engine/files/pkg-message.in +++ b/security/openssl_tpm_engine/files/pkg-message.in @@ -8,4 +8,4 @@ you might get the following error messages: | 65738:error:80066070:tpm engine:TPM_ENGINE_INIT:unit failure:e_tpm.c:484: | 65738:error:260B806D:engine routines:ENGINE_TABLE_REGISTER:init failed:/usr/src/secure/lib/libcrypto/../../../crypto/openssl/crypto/engine/eng_table.c:161: | 65738:error:260BC065:engine routines:INT_ENGINE_CONFIGURE:engine configuration error:/usr/src/secure/lib/libcrypto/../../../crypto/openssl/crypto/engine/eng_cnf.c:204:section=tpm_section, name=default_algorithms, value=ALL - | 65738:error:0E07606D:configuration file routines:MODULE_RUN:module initialization error:/usr/src/secure/lib/libcrypto/../../../crypto/openssl/crypto/conf/conf_mod.c:235:module=engines, value=engine_section, retcode=-1 + | 65738:error:0E07606D:configuration file routines:MODULE_RUN:module initialization error:/usr/src/secure/lib/libcrypto/../../../crypto/openssl/crypto/conf/conf_mod.c:235:module=engines, value=engine_section, retcode=-1 diff --git a/security/openvpn-devel/files/pkg-message.in b/security/openvpn-devel/files/pkg-message.in index 6f66ec4..a475fb2 100644 --- a/security/openvpn-devel/files/pkg-message.in +++ b/security/openvpn-devel/files/pkg-message.in @@ -9,7 +9,7 @@ ### It may or may not be suitable for production. Use at your own risk. ### ------------------------------------------------------------------------ ### -### PLUGIN LOCATION CHANGED! +### PLUGIN LOCATION CHANGED! ### The following plugin locations have changed. There is a symlink to the ### new file for the duration of the 2.3 release. This will be removed in ### OpenVPN 2.4+. diff --git a/security/p5-openxpki/files/pkg-message.in b/security/p5-openxpki/files/pkg-message.in index 87c2276..2d6c9de 100644 --- a/security/p5-openxpki/files/pkg-message.in +++ b/security/p5-openxpki/files/pkg-message.in @@ -1,31 +1,31 @@ ================================================================= -- Universal server building block (OpenXPKI) for arbitrary PKI: installed. +- Universal server building block (OpenXPKI) for arbitrary PKI: installed. - SCEP prerequisite binary and i18n tools for UI: installed. - Enable utf8 locale (e.g. en_US.utf8) for the translation staff to operate (translation is needed even for English language). -- Install your favorite database (enable utf8 support), +- Install your favorite database (enable utf8 support), e.g. databases/mysql56-server -- Install perl interface for your favorite database, +- Install perl interface for your favorite database, e.g. databases/p5-DBD-mysql - Install your favorite web server. Choose from two versions of the handler: based on CGI or FastCGI perl core modules. Copy CGI or FastCGI scripts from %%EXAMPLESDIR%%/cgi-bin to the location - where your web server can use them. Set executable permissions for them. - Copy htdocs files from %%EXAMPLESDIR%%/htdocs to the location + where your web server can use them. Set executable permissions for them. + Copy htdocs files from %%EXAMPLESDIR%%/htdocs to the location where your web server can use them. You can see some samples in %%EXAMPLESDIR%%/config/apache. -- If you want your server to act just as the simplest CA, +- If you want your server to act just as the simplest CA, then the basic deployment procedure is all you need: - copy sample configuration for this case with + copy sample configuration for this case with cp -R %%EXAMPLESDIR%%/config/openxpki/* %%PREFIX%%/etc/openxpki/ and follow advice at: https://openxpki.readthedocs.org/en/latest/quickstart.html Without this deployment procedure OpenXPKI server would not start. - If you want more complex role for your server inside the PKI infrastructure, - then you need to perform further deployment procedure for your server atop - the basic deployment. -- This port has created user:group as openxpki:openxpki, which owns + then you need to perform further deployment procedure for your server atop + the basic deployment. +- This port has created user:group as openxpki:openxpki, which owns the OpenXPKI server. - After first fresh installation, create empty log files as follows (assuming your web server is owned by user www): diff --git a/security/pam_yubico/files/pkg-message.in b/security/pam_yubico/files/pkg-message.in index 6a781fe..7dac757 100644 --- a/security/pam_yubico/files/pkg-message.in +++ b/security/pam_yubico/files/pkg-message.in @@ -1,5 +1,5 @@ -For setup instructions on authenticating with your YubiKey, see: +For setup instructions on authenticating with your YubiKey, see: %%DOCSDIR%%/README or https://github.com/Yubico/yubico-pam/blob/master/README diff --git a/security/pks/files/pkg-message.in b/security/pks/files/pkg-message.in index b9676fe..ed4799c 100644 --- a/security/pks/files/pkg-message.in +++ b/security/pks/files/pkg-message.in @@ -12,7 +12,7 @@ Add the following lines to /etc/rc.conf.local or /etc/rc.conf to enable this ser infrastructure to enable this. See: %%PREFIX%%/share/doc/pks/README and %%PREFIX%%/share/doc/pks/EMAIL for details. - + pksd_queue_delay (int): Periodically process incoming mail. Set to 60 seconds by default. diff --git a/security/ppars/pkg-message b/security/ppars/pkg-message index 3b04053..327b6a8 100644 --- a/security/ppars/pkg-message +++ b/security/ppars/pkg-message @@ -1,7 +1,7 @@ *************************************************************************** -Installer instructions. +Installer instructions. First issue rehash command and then run abuse.Reporting.system.pl it contains an overview of how the system works and how to setup the diff --git a/security/py-fail2ban/pkg-message b/security/py-fail2ban/pkg-message index 1339f2c..eecbcca 100644 --- a/security/py-fail2ban/pkg-message +++ b/security/py-fail2ban/pkg-message @@ -10,7 +10,7 @@ For more information, see the official manual: http://www.fail2ban.org/wiki/index.php/MANUAL_0_8#Configuration -If you are upgrading from 0.8.x consider adopting the new +If you are upgrading from 0.8.x consider adopting the new configuration style. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/security/sguil/files/pkg-message-sensor.in b/security/sguil/files/pkg-message-sensor.in index 609090d..22aa6d4 100644 --- a/security/sguil/files/pkg-message-sensor.in +++ b/security/sguil/files/pkg-message-sensor.in @@ -7,15 +7,15 @@ it and install the barnyard2-sguil port instead. You will need to deinstall the barnyard2 port and install the barnyard2-sguil port yourself instead. This port WILL NOT WORK without the barnyard2-sguil port!! -See the %%DOCSDIR%%/INSTALL doc for details on the -configuration and for croning the script. +See the %%DOCSDIR%%/INSTALL doc for details on the +configuration and for croning the script. -WARNING!!! Sguil et al will fill up your /tmp directory very +WARNING!!! Sguil et al will fill up your /tmp directory very quickly. You should probably configure sguil et al to log to another partition/location (e.g. /nsm/tmp/). -You must ALSO edit all of the sensor conf files (located in -%%PREFIX%%/%%SENSOR_SGUILDIR%%/etc/) to reflect your configuration before +You must ALSO edit all of the sensor conf files (located in +%%PREFIX%%/%%SENSOR_SGUILDIR%%/etc/) to reflect your configuration before starting the sensor_agents. A number of ancilliary things have been installed in @@ -27,5 +27,5 @@ The new sancp.conf-sample file contains the settings for squil. NOTE: the conf file is for sancp 1.5.3. It may need additional edits to work with the current ports version of sancp. If you still want to maintain the customized sancp.conf file, then copy the new sancp.conf-sample -file to sguild-sancp.conf (for example) and add +file to sguild-sancp.conf (for example) and add sancp_conf=%%PREFIX%%/etc/sguild-sancp.conf to /etc/rc.conf. diff --git a/security/snortsam/files/pkg-message.in b/security/snortsam/files/pkg-message.in index 461458e..339b106 100644 --- a/security/snortsam/files/pkg-message.in +++ b/security/snortsam/files/pkg-message.in @@ -9,7 +9,7 @@ NOTE: SNORT have to be build with OPTION SNORTSAM. With samtool it is possible to send alerts to snortsam, this way you can test and adjust your FW rules. - For more information read the INSTALL, FAQ, README + For more information read the INSTALL, FAQ, README files in %%DOCSDIR%% Additional consolidate http://snortsam.net diff --git a/security/sshguard/files/pkg-message.in b/security/sshguard/files/pkg-message.in index 2443827..8116946 100644 --- a/security/sshguard/files/pkg-message.in +++ b/security/sshguard/files/pkg-message.in @@ -5,12 +5,12 @@ You can start sshguard as a daemon by using the rc.d script installed at %%PREFIX%%/etc/rc.d/sshguard . - + See sshguard(8) and http://www.sshguard.net/docs/setup for additional info. Please note that a few rc script parameters have been renamed to better reflect the documentation: - + sshguard_safety_thresh -> sshguard_danger_thresh sshguard_pardon_min_interval -> sshguard_release_interval sshguard_prescribe_interval -> sshguard_reset_interval diff --git a/security/sshit/files/pkg-message.in b/security/sshit/files/pkg-message.in index ad45352..f587a7b 100644 --- a/security/sshit/files/pkg-message.in +++ b/security/sshit/files/pkg-message.in @@ -16,9 +16,9 @@ auth.info;authpriv.info |exec %%PREFIX%%/sbin/sshit table <badhosts> persist block on $extdev from <badhosts> to any - and reload the pf rules. + and reload the pf rules. - If you want to use ipfw2 (with table) as the firewall, you should add a + If you want to use ipfw2 (with table) as the firewall, you should add a table and the corresponding deny rule. For example, -# ipfw add deny ip from table(0) to any +# ipfw add deny ip from table(0) to any diff --git a/security/ssl-admin/files/pkg-message.in b/security/ssl-admin/files/pkg-message.in index cfb2f8f..7791df0 100644 --- a/security/ssl-admin/files/pkg-message.in +++ b/security/ssl-admin/files/pkg-message.in @@ -1,5 +1,5 @@ * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * -Please edit the configuration file %%PREFIX%%/etc/ssl-admin/ssl-admin.conf +Please edit the configuration file %%PREFIX%%/etc/ssl-admin/ssl-admin.conf before running ssl-admin for the first time. You're now ready to manage your SSL certificates. diff --git a/security/truecrypt/pkg-message b/security/truecrypt/pkg-message index 31d58ea..2b8c1e8 100644 --- a/security/truecrypt/pkg-message +++ b/security/truecrypt/pkg-message @@ -4,7 +4,7 @@ TrueCrypt is not offically supported under FreeBSD, however it does seem to function fine under certain conditions. -Until TrueCrypt is officially supported under FreeBSD, this +Until TrueCrypt is officially supported under FreeBSD, this port should be considered experimental. TrueCrypt's website cites that system instability is possible. diff --git a/security/vnccrack/files/pkg-message.in b/security/vnccrack/files/pkg-message.in index edd2d41..1efde53 100644 --- a/security/vnccrack/files/pkg-message.in +++ b/security/vnccrack/files/pkg-message.in @@ -1,2 +1,2 @@ -Additional info on program usage can be found in this file: +Additional info on program usage can be found in this file: %%DOCSDIR%%/readme.txt |
