diff options
author | Eugeni Dodonov <eugeni@mandriva.org> | 2010-02-24 11:59:07 +0000 |
---|---|---|
committer | Eugeni Dodonov <eugeni@mandriva.org> | 2010-02-24 11:59:07 +0000 |
commit | e291d07638bc0756c8bd91d42c336abd6a034d7e (patch) | |
tree | 904aec2f11f33207ff2fafe8d6313820463c4eec /conf | |
parent | 2b914a6e92a96a69483f6381fbbf594a40494c59 (diff) | |
download | msec-e291d07638bc0756c8bd91d42c336abd6a034d7e.tar msec-e291d07638bc0756c8bd91d42c336abd6a034d7e.tar.gz msec-e291d07638bc0756c8bd91d42c336abd6a034d7e.tar.bz2 msec-e291d07638bc0756c8bd91d42c336abd6a034d7e.tar.xz msec-e291d07638bc0756c8bd91d42c336abd6a034d7e.zip |
Added support for audit_daily and audit_weekly profiles.
Diffstat (limited to 'conf')
-rw-r--r-- | conf/level.audit_daily | 105 | ||||
-rw-r--r-- | conf/level.audit_weekly | 105 | ||||
-rw-r--r-- | conf/perm.audit_daily | 3 | ||||
-rw-r--r-- | conf/perm.audit_weekly | 3 |
4 files changed, 216 insertions, 0 deletions
diff --git a/conf/level.audit_daily b/conf/level.audit_daily new file mode 100644 index 0000000..330ef3a --- /dev/null +++ b/conf/level.audit_daily @@ -0,0 +1,105 @@ +BASE_LEVEL=audit_daily +CHECK_WRITABLE=daily +MAIL_EMPTY_CONTENT=no +CHECK_PERMS=no +CHECK_PERMS_ENFORCE=no +CHECK_SECTOOL=daily +CHECK_SECTOOL_LEVEL=3 +CHECK_USER_FILES=daily +CHECK_CHKROOTKIT=daily +CHECK_SUID_ROOT=daily +SYSLOG_WARN=yes +ENABLE_AT_CRONTAB= +CHECK_PASSWD=daily +CHECK_SUID_MD5=daily +CHECK_SHOSTS=daily +MAIL_USER=root +CHECK_SHADOW=daily +CHECK_UNOWNED=daily +CHECK_USERS=daily +CHECK_GROUPS=daily +NOTIFY_WARN=yes +CHECK_OPEN_PORT=daily +CHECK_FIREWALL=daily +CHECK_RPM_PACKAGES=daily +CHECK_RPM_INTEGRITY=daily +MAIL_WARN=yes +CHECK_SECURITY=yes +TTY_WARN=yes +CHECK_SGID=daily +CHECK_PROMISC=daily +CHECK_ON_BATTERY=yes +ACCEPT_BOGUS_ERROR_RESPONSES= +ACCEPT_BROADCASTED_ICMP_ECHO= +ACCEPT_ICMP_ECHO= +ALLOW_AUTOLOGIN= +ALLOW_CURDIR_IN_PATH= +ALLOW_REBOOT= +ALLOW_REMOTE_ROOT_LOGIN= +ALLOW_ROOT_LOGIN= +ALLOW_SUDO_TO_WHEEL= +ALLOW_USER_LIST= +ALLOW_XAUTH_FROM_ROOT= +ALLOW_XSERVER_TO_LISTEN= +ALLOW_X_CONNECTIONS= +AUTHORIZE_SERVICES= +CREATE_SERVER_LINK= +ENABLE_CONSOLE_LOG= +ENABLE_DNS_SPOOFING_PROTECTION= +ENABLE_IP_SPOOFING_PROTECTION= +ENABLE_LOG_STRANGE_PACKETS= +ENABLE_MSEC_CRON= +ENABLE_PAM_ROOT_FROM_WHEEL= +ENABLE_PAM_WHEEL_FOR_SU= +ENABLE_PASSWORD= +ENABLE_STARTUP_MSEC= +ENABLE_STARTUP_PERMS= +ENABLE_SULOGIN= +EXCLUDE_REGEXP= +FIX_UNOWNED= +LOG_RETENTION= +PASSWORD_HISTORY= +PASSWORD_LENGTH= +ROOT_UMASK= +SECURE_TMP= +SHELL_HISTORY_SIZE= +SHELL_TIMEOUT= +USER_UMASK= +WIN_PARTS_UMASK= +ACCEPT_BOGUS_ERROR_RESPONSES= +ACCEPT_BROADCASTED_ICMP_ECHO= +ACCEPT_ICMP_ECHO= +ALLOW_AUTOLOGIN= +ALLOW_CURDIR_IN_PATH= +ALLOW_REBOOT= +ALLOW_REMOTE_ROOT_LOGIN= +ALLOW_ROOT_LOGIN= +ALLOW_SUDO_TO_WHEEL= +ALLOW_USER_LIST= +ALLOW_XAUTH_FROM_ROOT= +ALLOW_XSERVER_TO_LISTEN= +ALLOW_X_CONNECTIONS= +AUTHORIZE_SERVICES= +CREATE_SERVER_LINK= +ENABLE_CONSOLE_LOG= +ENABLE_DNS_SPOOFING_PROTECTION= +ENABLE_IP_SPOOFING_PROTECTION= +ENABLE_LOG_STRANGE_PACKETS= +ENABLE_MSEC_CRON= +ENABLE_PAM_ROOT_FROM_WHEEL= +ENABLE_PAM_WHEEL_FOR_SU= +ENABLE_PASSWORD= +ENABLE_STARTUP_MSEC= +ENABLE_STARTUP_PERMS= +ENABLE_SULOGIN= +EXCLUDE_REGEXP= +FIX_UNOWNED= +LOG_RETENTION= +PASSWORD_HISTORY= +PASSWORD_LENGTH= +ROOT_UMASK= +SECURE_TMP= +SHELL_HISTORY_SIZE= +SHELL_TIMEOUT= +USER_UMASK= +WIN_PARTS_UMASK= diff --git a/conf/level.audit_weekly b/conf/level.audit_weekly new file mode 100644 index 0000000..a9e8090 --- /dev/null +++ b/conf/level.audit_weekly @@ -0,0 +1,105 @@ +BASE_LEVEL=audit_weekly +CHECK_WRITABLE=weekly +MAIL_EMPTY_CONTENT=no +CHECK_PERMS=no +CHECK_PERMS_ENFORCE=no +CHECK_SECTOOL=weekly +CHECK_SECTOOL_LEVEL=3 +CHECK_USER_FILES=weekly +CHECK_CHKROOTKIT=weekly +CHECK_SUID_ROOT=weekly +SYSLOG_WARN=yes +ENABLE_AT_CRONTAB= +CHECK_PASSWD=weekly +CHECK_SUID_MD5=weekly +CHECK_SHOSTS=weekly +MAIL_USER=root +CHECK_SHADOW=weekly +CHECK_UNOWNED=weekly +CHECK_USERS=weekly +CHECK_GROUPS=weekly +NOTIFY_WARN=yes +CHECK_OPEN_PORT=weekly +CHECK_FIREWALL=weekly +CHECK_RPM_PACKAGES=weekly +CHECK_RPM_INTEGRITY=weekly +MAIL_WARN=yes +CHECK_SECURITY=yes +TTY_WARN=yes +CHECK_SGID=weekly +CHECK_PROMISC=weekly +CHECK_ON_BATTERY=yes +ACCEPT_BOGUS_ERROR_RESPONSES= +ACCEPT_BROADCASTED_ICMP_ECHO= +ACCEPT_ICMP_ECHO= +ALLOW_AUTOLOGIN= +ALLOW_CURDIR_IN_PATH= +ALLOW_REBOOT= +ALLOW_REMOTE_ROOT_LOGIN= +ALLOW_ROOT_LOGIN= +ALLOW_SUDO_TO_WHEEL= +ALLOW_USER_LIST= +ALLOW_XAUTH_FROM_ROOT= +ALLOW_XSERVER_TO_LISTEN= +ALLOW_X_CONNECTIONS= +AUTHORIZE_SERVICES= +CREATE_SERVER_LINK= +ENABLE_CONSOLE_LOG= +ENABLE_DNS_SPOOFING_PROTECTION= +ENABLE_IP_SPOOFING_PROTECTION= +ENABLE_LOG_STRANGE_PACKETS= +ENABLE_MSEC_CRON= +ENABLE_PAM_ROOT_FROM_WHEEL= +ENABLE_PAM_WHEEL_FOR_SU= +ENABLE_PASSWORD= +ENABLE_STARTUP_MSEC= +ENABLE_STARTUP_PERMS= +ENABLE_SULOGIN= +EXCLUDE_REGEXP= +FIX_UNOWNED= +LOG_RETENTION= +PASSWORD_HISTORY= +PASSWORD_LENGTH= +ROOT_UMASK= +SECURE_TMP= +SHELL_HISTORY_SIZE= +SHELL_TIMEOUT= +USER_UMASK= +WIN_PARTS_UMASK= +ACCEPT_BOGUS_ERROR_RESPONSES= +ACCEPT_BROADCASTED_ICMP_ECHO= +ACCEPT_ICMP_ECHO= +ALLOW_AUTOLOGIN= +ALLOW_CURDIR_IN_PATH= +ALLOW_REBOOT= +ALLOW_REMOTE_ROOT_LOGIN= +ALLOW_ROOT_LOGIN= +ALLOW_SUDO_TO_WHEEL= +ALLOW_USER_LIST= +ALLOW_XAUTH_FROM_ROOT= +ALLOW_XSERVER_TO_LISTEN= +ALLOW_X_CONNECTIONS= +AUTHORIZE_SERVICES= +CREATE_SERVER_LINK= +ENABLE_CONSOLE_LOG= +ENABLE_DNS_SPOOFING_PROTECTION= +ENABLE_IP_SPOOFING_PROTECTION= +ENABLE_LOG_STRANGE_PACKETS= +ENABLE_MSEC_CRON= +ENABLE_PAM_ROOT_FROM_WHEEL= +ENABLE_PAM_WHEEL_FOR_SU= +ENABLE_PASSWORD= +ENABLE_STARTUP_MSEC= +ENABLE_STARTUP_PERMS= +ENABLE_SULOGIN= +EXCLUDE_REGEXP= +FIX_UNOWNED= +LOG_RETENTION= +PASSWORD_HISTORY= +PASSWORD_LENGTH= +ROOT_UMASK= +SECURE_TMP= +SHELL_HISTORY_SIZE= +SHELL_TIMEOUT= +USER_UMASK= +WIN_PARTS_UMASK= diff --git a/conf/perm.audit_daily b/conf/perm.audit_daily new file mode 100644 index 0000000..c95a594 --- /dev/null +++ b/conf/perm.audit_daily @@ -0,0 +1,3 @@ +# msec not enabled, so let's user handle the permissions +### +/ current.current current diff --git a/conf/perm.audit_weekly b/conf/perm.audit_weekly new file mode 100644 index 0000000..c95a594 --- /dev/null +++ b/conf/perm.audit_weekly @@ -0,0 +1,3 @@ +# msec not enabled, so let's user handle the permissions +### +/ current.current current |