On Wed, 2003-10-01 at 15:41, cajun wrote: > Bret Hughes wrote: > > > (snip) > > > >found it for those who might be interested. Love them archives. > > > > > > > >http://marc.theaimsgroup.com/?l=redhat-list&m=104396069108467&w=2 > > > >Bret > > > > > > > > > Hi Bret, > > Thanks. That I do appreciate!!! Will this script go in to the > twpol.txt and edit it for cleaning up any of the files and maybe damons > that are not being used? I found the tripwire page and followed their > instructions up to the point of going in and cleaning out the twpol.txt > file. It was late last night when I did this and I have not had a > chance to get back to it yet. Again Thanks for the script!! > > Lee Perez
yup saves a sh*t load of time and less error prone too. If we could standardize on an IDS it would be way cool if developers of "important" packages could include a list of binaries and config files that need to be watched so they could be added to the pol file easily. Maybe some night when I can't sleep I will try and parse the output or rpm -ql package and see if intelligent guesses can be made as to what should go where. If you add a package now it's files will be commented out. I guess If we assume that redhat really did include EVERYTHING (not possible IMNSHO) then a good first cut would be to modify the script to uncomment files that are there now. Hmm looking at it, it does not seem that it would be a huge deal to check after the leading #. Thanks for making me think about this a little. Bret -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list
