Hi
I wish to setup my Sarge tripwire policy file to monitor the files and subdirectories under "/var". The default "twpol.txt" file (ie tripwire version 2.3.1.2.0-2.2) seems to be a bit light with only four "/var" entries, similar to these:
/var -> +tpug /var/run -> $(Dynamic) /var/lock -> $(Dynamic) /var/log -> $(Dynamic)
Do you have any suggestions or examples of what type of checks should typically be used for this dynamic part of the filesystem ?
Do you know of any sites that contain Debian specific examples ?
Of particular interested is my "/var/lib" which currently contains these subdirectories:
apache2, dictionaries-common, horde2, logrotate, postgres, urandom, apt, discover, imp3, misc, setserial, usbutils, aptitude, dpkg, ipac, ntp, tripwire, dhcp, exim4, logcheck, php4, ucf
Regards, Declan
-- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]