[olug] Tripwire policy file setup

Don Kauffman dkauffman at tconl.com
Mon Jun 10 18:25:52 UTC 2002 

Thanks Brian,

AFTER I wrote this email, I did a Google on /var/lock/subsys/ and 
tripwire and came up with the following document.

http://www.linuxsecurity.com/feature_stories/tripwire-2.html

I found it helpful so I'm passing it along. (I should have done the 
search BEFORE!!) ;-)

Don

Brian Roberson wrote:

>/var/lock/subsys  is the directory where pid files go, What I normally will
>do is only check for suid files in /var/  ; but that's just me, I am sure
>some people would have a different point of view ;-)
>
>
>
>
>----- Original Message -----
>From: "Don Kauffman" <dkauffman at tconl.com>
>To: "OLUG" <olug at olug.org>
>Sent: Monday, June 10, 2002 11:00 AM
>Subject: [olug] Tripwire policy file setup
>
>
>>I have kind of a newbie question. Here's the situation. I'm trying to
>>set up tripwire for the first time on a box that hasn't been on the net.
>>I ran tripwire --check after initializing the data base. and I'm seeing
>>there's a lot of files missing.  The majority are in /var/lock/subsys
>>(e.g.. /var/lock/subsys/ripd). I checked the policy file and sure enough
>>they are listed. I started to comment them out but then I thought I'd
>>better check on this. I don't want to see errors on files I know aren't
>>there. At the same time, however, I want to know what is important to have
>>
>>My questions are:
>>1> how important are these individual /var/lock/subsys/* files?
>>2> how do they get created?
>>3> what would I have to do to get them created?
>>
>>Thanks!
>>
>>--
>>Don Kauffman
>>Email: mailto:dkauffman at tconl.com
>>---------------------------------
>>I feel like I'm diagonally parked
>>          in a parallel universe!
>>
>>
>>
>>-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_
>>
>>For help contact olug-help at olug.org - run by ezmlm
>>to unsubscribe, send mail to olug-unsubscribe at olug.org
>>or `mail olug-unsubscribe at olug.org < /dev/null`
>>(c)1998-2002 OLUG http://www.olug.org
>>
>>-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_
>>
>
>
>-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_
>
>For help contact olug-help at olug.org - run by ezmlm
>to unsubscribe, send mail to olug-unsubscribe at olug.org
>or `mail olug-unsubscribe at olug.org < /dev/null`
>(c)1998-2002 OLUG http://www.olug.org
>
>-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_
>
>

-- 
Don Kauffman
Email: mailto:dkauffman at tconl.com
---------------------------------
I feel like I'm diagonally parked 
          in a parallel universe!




-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_

For help contact olug-help at olug.org - run by ezmlm
to unsubscribe, send mail to olug-unsubscribe at olug.org
or `mail olug-unsubscribe at olug.org < /dev/null`
(c)1998-2002 OLUG http://www.olug.org

-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_

More information about the OLUG mailing list