Lynis 1.2.3 (Default branch)

 
Posted 03-02-2009

Lynis is an auditing tool for Unix (specialists). It scans systems to detect software and security issues. Besides security-related information, it will also scan for general system information, installed packages, and possible configuration mistakes. The software aims to assist automated auditing, software patch management, and vulnerability and malware scanning of Unix-based systems.

License: GNU General Public License v3

Changes:
This release contains many new tests, like status checks for Syslog-NG, klogd, and minilogd. Several inetd and logging tests have been added. Two new categories (Insecure services and SNMP) are included, and several problems related to Solaris have been fixed.

audit.conf(4)						     Kernel Interfaces Manual						     audit.conf(4)

NAME
audit.conf, audit_site.conf - files containing event mapping information and site-specific event mapping information

DESCRIPTION
Files and store the event mapping information that can be used by and

An event is a particular system operation. It may be either a self-auditing event or a system call. Auditable events are classified into several event categories and/or profiles. Events and system calls may have aliases. When the auditing system is installed, a default set of event mapping information is provided in In order to meet site-specific requirements, users may also define event categories and profiles in

In general, an event category is defined as a set of operations that affect a particular aspect of the system. A profile is defined as a set of operations that affect a particular type of system. With these classifications, a set of events can be selected when using or by specifying the event category or the profile that the events are associated with.

Here is the syntax of the directives in and

Event categories are defined using the directive for base events and the directive for event aliases. Base events are events that are pre-defined by the HP-UX operating system. They are always associated with self-auditing events that have the same name and/or with a list of system calls with the names that are referred to by the HP-UX auditing system. Event aliases, distinct from base events, are combinations of base events, self-auditing events, system calls, and system call aliases.

The system call name referred to by the auditing system usually matches the real system call name with a few exceptions. If the system call is one of these exceptions, an alias name may be defined using the directive, and the alias name can be used by and system call level selection. For example, the system call is referred to as the system call by the auditing system. The interface of is not publicly exported, but the security relevant information of this system call is described in this file documents the security relevant information for all system calls that have names beginning with a period

Profiles are defined using the directive. Profiles can be combinations of any events.

In only and directives are allowed; names picked for or must begin with an uppercase character and must have at least one lowercase character.

Adding or at the end of an event name indicates only include successful or failed operations.

EXAMPLES
Here are some example entries that could be in

Selecting for auditing enables audit for the system calls (for both pass and fail), (for pass only), and (for fail only). Note that contains and the fail events covered under

Selecting this profile causes to be audited for both pass and fail, and to be audited for fail, and to not be audited at all.

AUTHOR
was developed by HP.

FILES
File containing event mapping information
File containing audit information description for HP-UX internal system calls which are not publicly supported
File containing site-specific event mapping information

SEE ALSO
audevent(1M), audisp(1M).