authorEugeni Dodonov <eugeni@mandriva.org>2010-02-24 11:59:07 +0000
committerEugeni Dodonov <eugeni@mandriva.org>2010-02-24 11:59:07 +0000
commite291d07638bc0756c8bd91d42c336abd6a034d7e (patch)
tree904aec2f11f33207ff2fafe8d6313820463c4eec /conf
parent2b914a6e92a96a69483f6381fbbf594a40494c59 (diff)
Added support for audit_daily and audit_weekly profiles.
Diffstat (limited to 'conf')
-rw-r--r--conf/level.audit_daily105
-rw-r--r--conf/level.audit_weekly105
-rw-r--r--conf/perm.audit_daily3
-rw-r--r--conf/perm.audit_weekly3
4 files changed, 216 insertions, 0 deletions
diff --git a/conf/level.audit_daily b/conf/level.audit_daily
new file mode 100644
index 0000000..330ef3a
--- /dev/null
+++ b/conf/level.audit_daily
@@ -0,0 +1,105 @@
+BASE_LEVEL=audit_daily
+CHECK_WRITABLE=daily
+MAIL_EMPTY_CONTENT=no
+CHECK_PERMS=no
+CHECK_PERMS_ENFORCE=no
+CHECK_SECTOOL=daily
+CHECK_SECTOOL_LEVEL=3
+CHECK_USER_FILES=daily
+CHECK_CHKROOTKIT=daily
+CHECK_SUID_ROOT=daily
+SYSLOG_WARN=yes
+ENABLE_AT_CRONTAB=
+CHECK_PASSWD=daily
+CHECK_SUID_MD5=daily
+CHECK_SHOSTS=daily
+MAIL_USER=root
+CHECK_SHADOW=daily
+CHECK_UNOWNED=daily
+CHECK_USERS=daily
+CHECK_GROUPS=daily
+NOTIFY_WARN=yes
+CHECK_OPEN_PORT=daily
+CHECK_FIREWALL=daily
+CHECK_RPM_PACKAGES=daily
+CHECK_RPM_INTEGRITY=daily
+MAIL_WARN=yes
+CHECK_SECURITY=yes
+TTY_WARN=yes
+CHECK_SGID=daily
+CHECK_PROMISC=daily
+CHECK_ON_BATTERY=yes
+ACCEPT_BOGUS_ERROR_RESPONSES=
+ACCEPT_BROADCASTED_ICMP_ECHO=
+ACCEPT_ICMP_ECHO=
+ALLOW_AUTOLOGIN=
+ALLOW_CURDIR_IN_PATH=
+ALLOW_REBOOT=
+ALLOW_REMOTE_ROOT_LOGIN=
+ALLOW_ROOT_LOGIN=
+ALLOW_SUDO_TO_WHEEL=
+ALLOW_USER_LIST=
+ALLOW_XAUTH_FROM_ROOT=
+ALLOW_XSERVER_TO_LISTEN=
+ALLOW_X_CONNECTIONS=
+AUTHORIZE_SERVICES=
+CREATE_SERVER_LINK=
+ENABLE_CONSOLE_LOG=
+ENABLE_DNS_SPOOFING_PROTECTION=
+ENABLE_IP_SPOOFING_PROTECTION=
+ENABLE_LOG_STRANGE_PACKETS=
+ENABLE_MSEC_CRON=
+ENABLE_PAM_ROOT_FROM_WHEEL=
+ENABLE_PAM_WHEEL_FOR_SU=
+ENABLE_PASSWORD=
+ENABLE_STARTUP_MSEC=
+ENABLE_STARTUP_PERMS=
+ENABLE_SULOGIN=
+EXCLUDE_REGEXP=
+FIX_UNOWNED=
+LOG_RETENTION=
+PASSWORD_HISTORY=
+PASSWORD_LENGTH=
+ROOT_UMASK=
+SECURE_TMP=
+SHELL_HISTORY_SIZE=
+SHELL_TIMEOUT=
+USER_UMASK=
+WIN_PARTS_UMASK=
+ACCEPT_BOGUS_ERROR_RESPONSES=
+ACCEPT_BROADCASTED_ICMP_ECHO=
+ACCEPT_ICMP_ECHO=
+ALLOW_AUTOLOGIN=
+ALLOW_CURDIR_IN_PATH=
+ALLOW_REBOOT=
+ALLOW_REMOTE_ROOT_LOGIN=
+ALLOW_ROOT_LOGIN=
+ALLOW_SUDO_TO_WHEEL=
+ALLOW_USER_LIST=
+ALLOW_XAUTH_FROM_ROOT=
+ALLOW_XSERVER_TO_LISTEN=
+ALLOW_X_CONNECTIONS=
+AUTHORIZE_SERVICES=
+CREATE_SERVER_LINK=
+ENABLE_CONSOLE_LOG=
+ENABLE_DNS_SPOOFING_PROTECTION=
+ENABLE_IP_SPOOFING_PROTECTION=
+ENABLE_LOG_STRANGE_PACKETS=
+ENABLE_MSEC_CRON=
+ENABLE_PAM_ROOT_FROM_WHEEL=
+ENABLE_PAM_WHEEL_FOR_SU=
+ENABLE_PASSWORD=
+ENABLE_STARTUP_MSEC=
+ENABLE_STARTUP_PERMS=
+ENABLE_SULOGIN=
+EXCLUDE_REGEXP=
+FIX_UNOWNED=
+LOG_RETENTION=
+PASSWORD_HISTORY=
+PASSWORD_LENGTH=
+ROOT_UMASK=
+SECURE_TMP=
+SHELL_HISTORY_SIZE=
+SHELL_TIMEOUT=
+USER_UMASK=
+WIN_PARTS_UMASK=
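Review bot: The 37 empty keys from `ACCEPT_BOGUS_ERROR_RESPONSES=` through `WIN_PARTS_UMASK=` appear twice in this new file, and conf/level.audit_weekly repeats them the same way. Several are hardening settings (`ALLOW_REMOTE_ROOT_LOGIN`, `ENABLE_IP_SPOOFING_PROTECTION`, `PASSWORD_LENGTH`), so if the loader keeps the last occurrence, which is not visible here, a value later set on the first copy would be silently reset by the empty second one. Drop the second copy in both files. If the level format accepts `#` lines as the perm files do, a header such as `# audit-only profile: periodic checks run, empty settings are left as the administrator configured them` would also help, assuming that is what an empty value means.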
diff --git a/conf/level.audit_weekly b/conf/level.audit_weekly
new file mode 100644
index 0000000..a9e8090
--- /dev/null
+++ b/conf/level.audit_weekly
@@ -0,0 +1,105 @@
+BASE_LEVEL=audit_weekly
+CHECK_WRITABLE=weekly
+MAIL_EMPTY_CONTENT=no
+CHECK_PERMS=no
+CHECK_PERMS_ENFORCE=no
+CHECK_SECTOOL=weekly
+CHECK_SECTOOL_LEVEL=3
+CHECK_USER_FILES=weekly
+CHECK_CHKROOTKIT=weekly
+CHECK_SUID_ROOT=weekly
+SYSLOG_WARN=yes
+ENABLE_AT_CRONTAB=
+CHECK_PASSWD=weekly
+CHECK_SUID_MD5=weekly
+CHECK_SHOSTS=weekly
+MAIL_USER=root
+CHECK_SHADOW=weekly
+CHECK_UNOWNED=weekly
+CHECK_USERS=weekly
+CHECK_GROUPS=weekly
+NOTIFY_WARN=yes
+CHECK_OPEN_PORT=weekly
+CHECK_FIREWALL=weekly
+CHECK_RPM_PACKAGES=weekly
+CHECK_RPM_INTEGRITY=weekly
+MAIL_WARN=yes
+CHECK_SECURITY=yes
+TTY_WARN=yes
+CHECK_SGID=weekly
+CHECK_PROMISC=weekly
+CHECK_ON_BATTERY=yes
+ACCEPT_BOGUS_ERROR_RESPONSES=
+ACCEPT_BROADCASTED_ICMP_ECHO=
+ACCEPT_ICMP_ECHO=
+ALLOW_AUTOLOGIN=
+ALLOW_CURDIR_IN_PATH=
+ALLOW_REBOOT=
+ALLOW_REMOTE_ROOT_LOGIN=
+ALLOW_ROOT_LOGIN=
+ALLOW_SUDO_TO_WHEEL=
+ALLOW_USER_LIST=
+ALLOW_XAUTH_FROM_ROOT=
+ALLOW_XSERVER_TO_LISTEN=
+ALLOW_X_CONNECTIONS=
+AUTHORIZE_SERVICES=
+CREATE_SERVER_LINK=
+ENABLE_CONSOLE_LOG=
+ENABLE_DNS_SPOOFING_PROTECTION=
+ENABLE_IP_SPOOFING_PROTECTION=
+ENABLE_LOG_STRANGE_PACKETS=
+ENABLE_MSEC_CRON=
+ENABLE_PAM_ROOT_FROM_WHEEL=
+ENABLE_PAM_WHEEL_FOR_SU=
+ENABLE_PASSWORD=
+ENABLE_STARTUP_MSEC=
+ENABLE_STARTUP_PERMS=
+ENABLE_SULOGIN=
+EXCLUDE_REGEXP=
+FIX_UNOWNED=
+LOG_RETENTION=
+PASSWORD_HISTORY=
+PASSWORD_LENGTH=
+ROOT_UMASK=
+SECURE_TMP=
+SHELL_HISTORY_SIZE=
+SHELL_TIMEOUT=
+USER_UMASK=
+WIN_PARTS_UMASK=
+ACCEPT_BOGUS_ERROR_RESPONSES=
+ACCEPT_BROADCASTED_ICMP_ECHO=
+ACCEPT_ICMP_ECHO=
+ALLOW_AUTOLOGIN=
+ALLOW_CURDIR_IN_PATH=
+ALLOW_REBOOT=
+ALLOW_REMOTE_ROOT_LOGIN=
+ALLOW_ROOT_LOGIN=
+ALLOW_SUDO_TO_WHEEL=
+ALLOW_USER_LIST=
+ALLOW_XAUTH_FROM_ROOT=
+ALLOW_XSERVER_TO_LISTEN=
+ALLOW_X_CONNECTIONS=
+AUTHORIZE_SERVICES=
+CREATE_SERVER_LINK=
+ENABLE_CONSOLE_LOG=
+ENABLE_DNS_SPOOFING_PROTECTION=
+ENABLE_IP_SPOOFING_PROTECTION=
+ENABLE_LOG_STRANGE_PACKETS=
+ENABLE_MSEC_CRON=
+ENABLE_PAM_ROOT_FROM_WHEEL=
+ENABLE_PAM_WHEEL_FOR_SU=
+ENABLE_PASSWORD=
+ENABLE_STARTUP_MSEC=
+ENABLE_STARTUP_PERMS=
+ENABLE_SULOGIN=
+EXCLUDE_REGEXP=
+FIX_UNOWNED=
+LOG_RETENTION=
+PASSWORD_HISTORY=
+PASSWORD_LENGTH=
+ROOT_UMASK=
+SECURE_TMP=
+SHELL_HISTORY_SIZE=
+SHELL_TIMEOUT=
+USER_UMASK=
+WIN_PARTS_UMASK=
diff --git a/conf/perm.audit_daily b/conf/perm.audit_daily
new file mode 100644
index 0000000..c95a594
--- /dev/null
+++ b/conf/perm.audit_daily
@@ -0,0 +1,3 @@
+# msec not enabled, so let's user handle the permissions
+###
+/ current.current current
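Review bot: The header comment `# msec not enabled, so let's user handle the permissions` is ungrammatical and at odds with the audit_daily and audit_weekly level files in this commit, which schedule checks and only turn off `CHECK_PERMS` and `CHECK_PERMS_ENFORCE`. Something like `# audit-only profile: msec does not check or enforce permissions, the user manages them` matches what the level file sets. A second comment line on `/ current.current current`, stating that it keeps the existing owner, group and mode if that is the intended reading, would spare the next editor a lookup. conf/perm.audit_weekly is byte-identical (same blob c95a594) and needs the same wording.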
diff --git a/conf/perm.audit_weekly b/conf/perm.audit_weekly
new file mode 100644
index 0000000..c95a594
--- /dev/null
+++ b/conf/perm.audit_weekly
@@ -0,0 +1,3 @@
+# msec not enabled, so let's user handle the permissions
+###
+/ current.current current