Outils personnels

Variables Tripwire

De wikiGite

Révision datée du 25 septembre 2008 à 12:32 par Frank (discussion | contributions)
(diff) ← Version précédente | Voir la version actuelle (diff) | Version suivante → (diff)

Characters used in property masks, with descriptions: 

   -      Ignore the following properties
   +     Record and check the following properties
   a     Access timestamp
   b     Number of blocks allocated
   c     Inode timestamp (create/modify)
   d     ID of device on which inode resides
   g     File owner's group ID
   i     Inode number
   l     File is increasing in size (a "growing file")
   m     Modification timestamp
   n     Number of links (inode reference count)
   p     Permissions and file mode bits
   r     ID of device pointed to by inode
         (valid only for device objects)
   s     File size
   t     File type
   u     File owner's user ID
   C     CRC-32 hash value
   H     Haval hash value
   M     MD5 hash value
   S     SHA hash value

ReadOnly is good for files that are widely available but are intended to be read-only.

Value: +pinugtsdbmCM-rlacSH

Dynamic

Dynamic is good for monitoring user directories and files that tend to be dynamic in behavior.

Value: +pinugtd-srlbamcCMSH

Growing

The Growing variable is intended for files that should only get larger.

Value: +pinugtdl-srbamcCMSH

Device

Device is good for devices or other files that Tripwire should not attempt to open.

Value: +pugsdr-intlbamcCMSH

IgnoreAll

IgnoreAll tracks a file's presence or absence, but doesn't check any other properties.

Value: -pinugtsdrlbamcCMSH

IgnoreNone

IgnoreNone turns on all properties and provides a convenient starting point for defining your own property masks. (For example, mymask = $(IgnoreNone) -ar;)

Value: +pinugtsdrbamcCMSH-l

Récupérée de « https://wiki.kogite.fr/index.php?title=Variables_Tripwire&oldid=1633 »