HostedDB - Dedicated UNIX Servers
Securing-Optimizing-RH-Linux-1_2_200
Comments and suggestions concerning this book should be mailed to gmourani@videotron.ca © Copyright 1999-2000 Gerhard Mourani and Open Network Architecture ® 200 } (emailto = admin@openarch.com, rulename = "Login Scripts") {   /etc/csh.login                           -> $(SEC_CONFIG);   /etc/profile                             -> $(SEC_CONFIG); } # These files change every time the system boots  (emailto = admin@openarch.com, rulename = "System boot changes", severity = $(SIG_HI)) {      /dev/log                                -> $(Dynamic)   ;      /dev/cua0                               -> $(Dynamic)   ;      /dev/console                            -> $(Dynamic)   ;      /dev/tty2                               -> $(Dynamic)   ; # tty devices      /dev/tty3                               -> $(Dynamic)   ; # are extremely      /dev/tty4                               -> $(Dynamic)   ; # variable      /dev/tty5                               -> $(Dynamic)   ;      /dev/tty6                               -> $(Dynamic)   ;      /dev/urandom                               -> $(Dynamic)   ;      /dev/initctl                            -> $(Dynamic)   ;      /var/lock/subsys                           -> $(Dynamic)   ;      /var/run                                -> $(Dynamic)   ; # daemon PIDs       /var/log                                -> $(Dynamic)   ;      /etc/ioctl.save                         -> $(Dynamic)   ;      /etc/.pwd.lock                          -> $(Dynamic)   ;      /etc/mtab                               -> $(Dynamic)   ;      /lib/modules                            -> $(Dynamic)   ; } # Critical configuration files  (emailto = admin@openarch.com, rulename = "Critical configuration files", severity = $(SIG_HI)) {      /etc/conf.modules                     -> $(ReadOnly)   ;      /etc/crontab                            -> $(ReadOnly)   ;      /etc/cron.hourly                        -> $(ReadOnly)   ;      /etc/cron.daily                         -> $(ReadOnly)   ;      /etc/cron.weekly                        -> $(ReadOnly)   ;      /etc/cron.monthly                         -> $(ReadOnly)   ;      /etc/default                            -> $(ReadOnly)   ;      /etc/fstab                              -> $(ReadOnly)   ;      /etc/group-           -> $(ReadOnly) ;  # changes should be infrequent      /etc/host.conf                          -> $(ReadOnly)   ;      /etc/hosts.allow                        -> $(ReadOnly)   ;      /etc/hosts.deny                         -> $(ReadOnly)   ;      /etc/lilo.conf -> $(ReadOnly)   ;      /etc/logrotate.conf -> $(ReadOnly)   ;      /etc/pwdb.conf -> $(ReadOnly)   ;      /etc/securetty -> $(ReadOnly)   ;      /etc/sendmail.cf -> $(ReadOnly)   ;      /etc/protocols                          -> $(ReadOnly)   ;      /etc/services                           -> $(ReadOnly)   ;      /etc/rc.d/init.d                        -> $(ReadOnly)   ;      /etc/rc.d                               -> $(ReadOnly)   ;      /etc/motd                               -> $(ReadOnly)   ;      /etc/passwd                             -> $(ReadOnly)   ;      /etc/passwd-                            -> $(ReadOnly)   ;      /etc/profile.d                          -> $(ReadOnly)   ;      /etc/rpc                                -> $(ReadOnly)   ;      /etc/sysconfig                          -> $(ReadOnly)   ;      /etc/shells  -> $(ReadOnly)   ;      /etc/nsswitch.conf                       -> $(ReadOnly)   ;