
Securing-Optimizing-RH-Linux-1_2_201
Comments and suggestions concerning this book should be mailed to gmourani@videotron.ca
© Copyright 1999-2000 Gerhard Mourani and Open Network Architecture ®

}

# Critical devices
(emailto = admin@openarch.com, rulename = "Critical devices", severity = $(SIG_HI), recurse = false)
{
     /dev/kmem                               -> $(Device) ;
     /dev/mem                                -> $(Device) ;
     /dev/null                               -> $(Device) ;
     /dev/zero                               -> $(Device) ;
     /proc/devices                           -> $(Device) ;
     /proc/net                               -> $(Device) ;
     /proc/tty                               -> $(Device) ;
     /proc/sys                               -> $(Device) ;
     /proc/cpuinfo                           -> $(Device) ;
     /proc/modules                           -> $(Device) ;
     /proc/mounts                            -> $(Device) ;
     /proc/dma                               -> $(Device) ;
     /proc/filesystems                       -> $(Device) ;
     /proc/ide                               -> $(Device) ;
     /proc/interrupts                        -> $(Device) ;
     /proc/ioports                           -> $(Device) ;
     /proc/scsi                              -> $(Device) ;
     /proc/kcore                             -> $(Device) ;
     /proc/self                              -> $(Device) ;
     /proc/kmsg                              -> $(Device) ;
     /proc/stat                              -> $(Device) ;
     /proc/ksyms                             -> $(Device) ;
     /proc/loadavg                           -> $(Device) ;
     /proc/uptime                            -> $(Device) ;
     /proc/locks                             -> $(Device) ;
     /proc/version                           -> $(Device) ;
     /proc/meminfo                           -> $(Device) ;
     /proc/cmdline                           -> $(Device) ;
     /proc/misc                              -> $(Device) ;
}

NOTE: This is an example policy file that we provide; you must of course modify it to fit your system files and specific needs.

Step 2
Once you are ready to use your policy file for the first time, install it with the following command:

     [root@deep /]# twadmin --create-polfile /usr/TSS/policy/twpol.txt
     Please enter your site passphrase:
     Wrote policy file: /usr/TSS/policy/tw.pol

Securing Tripwire for Linux

Security Issue
It is important to make sure that the integrity of the system you are running has not already been compromised. For maximum confidence in your baseline database, you should generate operating system and application files from a clean installation and original media. Also, it is recommended to delete the plain text copy of the Tripwire configuration file named “twcfg.txt”, located under the “/usr/bin” directory, to hide the locations of Tripwire’s files and prevent anyone from creating a second or alternate configuration file.
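
The note above says the example policy must be adapted to your own system files. The script below is an added example, not part of the book or of Tripwire: it lists the objects in a policy text file that do not exist on the host, so they can be removed or corrected before the policy is installed. The function name twpol_missing_objects is hypothetical, and the script assumes rule lines of the form "path -> mask ;" as in the listing above.

```shell
#!/bin/sh
# Added example: report objects named in a Tripwire policy text file that are
# absent on this host, so the policy can be trimmed before it is installed.

# twpol_missing_objects POLICY_FILE   (hypothetical helper name)
# Prints one absolute path per line for every rule object "path -> mask ;"
# that does not exist. Paths built from policy variables, $(NAME)/..., are
# skipped because this script does not expand variable definitions.
twpol_missing_objects() {
    policy=$1
    [ -r "$policy" ] || { echo "cannot read $policy" >&2; return 2; }

    # Drop comments, then keep the left-hand side of each "->" rule line.
    sed -e 's/#.*$//' "$policy" |
    awk 'BEGIN { FS = "->" }
         NF >= 2 {
             path = $1
             gsub(/^[ \t]+|[ \t]+$/, "", path)   # trim surrounding blanks
             gsub(/^"|"$/, "", path)             # unquote a quoted path
             if (path ~ /^\// && path !~ /\$\(/) print path
         }' |
    while IFS= read -r path; do
        # -e follows symlinks; -L keeps a dangling symlink from being
        # reported as missing, since the link itself is present.
        if [ ! -e "$path" ] && [ ! -L "$path" ]; then
            printf '%s\n' "$path"
        fi
    done
}

# When run as a script: sh check-twpol.sh /usr/TSS/policy/twpol.txt
if [ $# -gt 0 ]; then
    twpol_missing_objects "$1"
fi
```

An empty result means every literal path in the rules exists; any path printed should be removed from, or corrected in, the policy text file before it is installed.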