Viewing Tripwire Reports on CentOS 5




With Tripwire installed on CentOS 5 using the default settings, the report produced by each integrity check
is saved by default under /usr/local/lib/tripwire/report (the REPORTFILE setting in tw.cfg), named hostname-YYYYMMDD-HHMMSS.twr.

A report is not a plain text file: the .twr file is in Tripwire's own binary format, so cat or less will not show anything readable.

The command used here to look at the report's contents is the following (the file name is given relative to the current directory, so run it from the report directory or pass the full path):

# tripwire -m u -r test.example-20071127-073307.twr

The report opens in vi, the editor set by EDITOR in tw.cfg (vi is the default).

One caveat before doing this: -m u is database update mode, not a viewer. When you quit the editor, Tripwire prompts for the local passphrase and, once it is entered, writes every entry still marked [x] into the baseline database. A report "viewed" this way and saved with no boxes un-ticked therefore accepts all of the changes listed below as the new baseline. To read a report with no chance of touching the database, use twprint in print-report mode instead (twprint -m r -r reportfile, optionally with -t 4 for the full object detail); it prints the same content as plain text to standard output, so it can be piped to less or saved.

Open Source Tripwire(R) 2.4.1 Integrity Check Report

Report generated by:          root
Report created on:            2007-11-27 07:33:07
Database last updated on:     Never

===============================================================================
Report Summary:
===============================================================================

Host name:                    test.example
Host IP address:              127.0.0.1
Host ID:                      None
Policy file used:             /usr/local/etc/tw.pol
Configuration file used:      /usr/local/etc/tw.cfg
Database file used:           /usr/local/lib/tripwire/test.example.twd
Command line used:            tripwire --check 

===============================================================================
Rule Summary: 
===============================================================================

-------------------------------------------------------------------------------
  Section: Unix File System
-------------------------------------------------------------------------------

  Rule Name                       Severity Level    Added    Removed  Modified 
  ---------                       --------------    -----    -------  -------- 
* Tripwire Data Files             0                 1        0        0        
* Monitor Filesystems             0                 0        0        3        
  User Binaries and Libraries     0                 0        0        0        
  Tripwire Binaries               0                 0        0        0        
  OS Binaries and Libraries       0                 0        0        0        
* Temporary Directories           0                 1        0        0        
  Global Configuration Files      0                 0        0        0        
  System Boot Changes             0                 0        0        0        
  RPM Checksum Files              0                 0        0        0        
  OS Devices and Misc Directories 0                 0        0        0        
  OS Boot Files and Mount Points  0                 0        0        0        
  Root Directory and Files        0                 0        0        0        

Total objects scanned:  125585
Total violations found:  5

===============================================================================
Object Summary: 
===============================================================================

-------------------------------------------------------------------------------
# Section: Unix File System
-------------------------------------------------------------------------------

-------------------------------------------------------------------------------
Rule Name: Monitor Filesystems (/)
Severity Level: 0
-------------------------------------------------------------------------------

Remove the "x" from the adjacent box to prevent updating the database
with the new values for this object.

Modified:
[x] "/"

-------------------------------------------------------------------------------
Rule Name: Tripwire Data Files (/usr/local/lib/tripwire)
Severity Level: 0
-------------------------------------------------------------------------------

Remove the "x" from the adjacent box to prevent updating the database
with the new values for this object.

Added:
[x] "/usr/local/lib/tripwire/test.example.twd.bak"

-------------------------------------------------------------------------------
Rule Name: Monitor Filesystems (/home)
Severity Level: 0
-------------------------------------------------------------------------------

Remove the "x" from the adjacent box to prevent updating the database
with the new values for this object.

Modified:
[x] "/home/test/.gconfd"
[x] "/home/test/.gconfd/saved_state"

-------------------------------------------------------------------------------
Rule Name: Temporary Directories (/tmp)
Severity Level: 0
-------------------------------------------------------------------------------

Remove the "x" from the adjacent box to prevent updating the database
with the new values for this object.

Added:
[x] "/tmp/tripwire5-3.txt"

===============================================================================
Object Detail: 
===============================================================================

-------------------------------------------------------------------------------
  Section: Unix File System
-------------------------------------------------------------------------------

-------------------------------------------------------------------------------
Rule Name: Monitor Filesystems (/)
Severity Level: 0
-------------------------------------------------------------------------------
  ----------------------------------------
  Modified Objects: 1
  ----------------------------------------

Modified object name:  /

  Property:            Expected                    Observed                    
  -------------        -----------                 -----------                 
  Object Type          Directory                   Directory                   
  Device Number        771                         771                         
  Inode Number         2                           2                           
  Mode                 drwxr-xr-x                  drwxr-xr-x                  
  Num Links            23                          23                          
  UID                  root (0)                    root (0)                    
  GID                  root (0)                    root (0)                    
  Size                 4096                        4096                        
* Modify Time          2007-11-27 05:47:03         2007-11-27 07:33:08         
  Blocks               16                          16                          



-------------------------------------------------------------------------------
Rule Name: Tripwire Data Files (/usr/local/lib/tripwire)
Severity Level: 0
-------------------------------------------------------------------------------
  ----------------------------------------
  Added Objects: 1
  ----------------------------------------

Added object name:  /usr/local/lib/tripwire/test.example.twd.bak

  Property:            Expected                    Observed                    
  -------------        -----------                 -----------                 
* Object Type          ---                         Regular File                
* Device Number        ---                         771                         
* Mode                 ---                         -rw-r--r--                  
* Num Links            ---                         1                           
* UID                  ---                         root (0)                    
* GID                  ---                         root (0)                    



-------------------------------------------------------------------------------
Rule Name: Monitor Filesystems (/home)
Severity Level: 0
-------------------------------------------------------------------------------
  ----------------------------------------
  Modified Objects: 2
  ----------------------------------------

Modified object name:  /home/test/.gconfd

  Property:            Expected                    Observed                    
  -------------        -----------                 -----------                 
  Object Type          Directory                   Directory                   
  Device Number        771                         771                         
  Inode Number         170754                      170754                      
  Mode                 drwx------                  drwx------                  
  Num Links            2                           2                           
  UID                  test (500)                  test (500)                  
  GID                  test (500)                  test (500)                  
  Size                 4096                        4096                        
* Modify Time          2007-11-27 05:39:57         2007-11-27 07:26:58         
  Blocks               16                          16                          


Modified object name:  /home/test/.gconfd/saved_state

  Property:            Expected                    Observed                    
  -------------        -----------                 -----------                 
  Object Type          Regular File                Regular File                
  Device Number        771                         771                         
* Inode Number         170820                      170818                      
  Mode                 -rwx------                  -rwx------                  
  Num Links            1                           1                           
  UID                  test (500)                  test (500)                  
  GID                  test (500)                  test (500)                  
  Size                 66384                       66384                       
* Modify Time          2007-11-27 05:39:57         2007-11-27 07:26:58         
  Blocks               144                         144                         
  CRC32                AcIPxF                      AcIPxF                      
  MD5                  CxNvXXX0nQiW96/5xgCEEr      CxNvXXX0nQiW96/5xgCEEr      



-------------------------------------------------------------------------------
Rule Name: Temporary Directories (/tmp)
Severity Level: 0
-------------------------------------------------------------------------------
  ----------------------------------------
  Added Objects: 1
  ----------------------------------------

Added object name:  /tmp/tripwire5-3.txt

  Property:            Expected                    Observed                    
  -------------        -----------                 -----------                 
* Object Type          ---                         Regular File                
* Mode                 ---                         -rw-r--r--                  
* UID                  ---                         root (0)                    
* GID                  ---                         root (0)                    



===============================================================================
Error Report: 
===============================================================================

-------------------------------------------------------------------------------
  Section: Unix File System
-------------------------------------------------------------------------------

1.   File system error.
     Filename: /usr/local/sysinfo
     \xe3\x81\x9d\xe3\x81\xae\xe3\x82\x88\xe3\x81\(omitted)
2.   File system error.
     Filename: /usr/X11R6/lib
     \xe3\x81\x9d\xe3\x81\xae\xe3\x82\x88\xe3\x81\(omitted)
3.   File system error.
     Filename: /etc/mail/statistics
     \xe3\x81\x9d\xe3\x81\xae\xe3\x82\x88\xe3\x81\(omitted)
4.   File system error.
     Filename: /var/lost+found
     \xe3\x81\x9d\xe3\x81\xae\xe3\x82\x88\xe3\x81\(omitted)
5.   File system error.
     Filename: /cdrom
     \xe3\x81\x9d\xe3\x81\xae\xe3\x82\x88\xe3\x81\(omitted)
6.   File system error.
     Filename: /floppy
     \xe3\x81\x9d\xe3\x81\xae\xe3\x82\x88\xe3\x81\(omitted)
7.   File system error.
     Filename: /initrd
     \xe3\x81\x9d\xe3\x81\xae\xe3\x82\x88\xe3\x81\(omitted)
8.   File system error.
     Filename: /home/lost+found
     \xe3\x81\x9d\xe3\x81\xae\xe3\x82\x88\xe3\x81\(omitted)

-------------------------------------------------------------------------------
*** End of report ***

Open Source Tripwire 2.4 Portions copyright 2000 Tripwire, Inc. Tripwire is a registered
trademark of Tripwire, Inc. This software comes with ABSOLUTELY NO WARRANTY;
for details use --version. This is free software which may be redistributed
or modified only under certain conditions; see COPYING for details.
All rights reserved.

This view shows more than what tripwire --check prints to standard output: not only where something changed,
but, for every property the policy checks on that object, the expected value from the database next to the value observed on disk. (How much tripwire --check itself prints is governed by REPORTLEVEL in tw.cfg; for a saved report, twprint -t selects the level.)

Changed items are flagged with an asterisk (*) at the left margin of the line: in the Rule Summary for each rule with at least one violation, and in the Object Detail for the individual property that differs.

A few things are worth checking in this report before leaving any [x] in place. The hash properties (CRC32, MD5) are what say whether content changed: /home/test/.gconfd/saved_state has a new inode number and Modify Time but the same size, CRC32 and MD5, so it was rewritten with identical content, which is a different matter from an object whose hashes differ. Anything added under Tripwire Data Files, Tripwire Binaries or OS Binaries and Libraries deserves a look rather than a reflexive accept; here a new file appeared in Tripwire's own data directory (/usr/local/lib/tripwire/test.example.twd.bak) although the header says the database has never been updated, so confirm what wrote it and when. Finally, the Error Report entries are not violations: they are paths named in the policy file that Tripwire could not read, in this case because they do not exist on this host. The escaped bytes are the ja_JP locale's "No such file or directory" message (そのようなファイルやディレクトリはありません), which appears here as \x-escaped UTF-8. Removing those entries from the policy text and regenerating tw.pol with twadmin --create-polfile keeps them out of future reports.
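As an added example (not code from this page or from the Tripwire project), here is a small Python triage script for the plain-text form of a report, i.e. what twprint -m r prints or what appears in the update editor. It pulls out the totals, every object in the Object Summary together with the state of its [x] box, and the Error Report paths; cross-checks the number of listed objects against "Total violations found"; and separates hits under rules that should never change silently from routine noise. SAMPLE_REPORT is a constructed, abridged copy of the report above (separator and severity lines dropped, one box un-ticked to show that case, the error text in English), and CRITICAL_RULES is this example's own choice of rule names, not a Tripwire setting.

```python
"""Triage the text of an Open Source Tripwire integrity-check report.

Added example, not from the page or the Tripwire project. Input is the
plain-text report (twprint -m r output, or the text seen in the update
editor). SAMPLE_REPORT is a constructed, abridged copy of the page's report.
"""
import re

SAMPLE_REPORT = """\
Total objects scanned:  125585
Total violations found:  5

Object Summary:
Rule Name: Monitor Filesystems (/)

Modified:
[x] "/"

Rule Name: Tripwire Data Files (/usr/local/lib/tripwire)

Added:
[x] "/usr/local/lib/tripwire/test.example.twd.bak"

Rule Name: Monitor Filesystems (/home)

Modified:
[x] "/home/test/.gconfd"
[ ] "/home/test/.gconfd/saved_state"

Rule Name: Temporary Directories (/tmp)

Added:
[x] "/tmp/tripwire5-3.txt"

Object Detail:

Error Report:
1.   File system error.
     Filename: /usr/local/sysinfo
     No such file or directory
2.   File system error.
     Filename: /usr/X11R6/lib
     No such file or directory
"""

# This example's own list: rules (named as in the default policy) whose
# objects should never change outside planned maintenance. Not a Tripwire setting.
CRITICAL_RULES = {"Tripwire Binaries", "Tripwire Data Files",
                  "OS Binaries and Libraries", "System Boot Changes"}

_RULE_RE = re.compile(r"^Rule Name: (?P<rule>.+?) \((?P<start>.+)\)$")
_OBJ_RE = re.compile(r'^\[(?P<box>[x ])\] "(?P<path>.+)"$')


def parse_totals(text):
    """Return (objects_scanned, violations_found) from the report."""
    scanned = re.search(r"Total objects scanned:\s+(\d+)", text)
    found = re.search(r"Total violations found:\s+(\d+)", text)
    return int(scanned.group(1)), int(found.group(1))


def parse_object_summary(text):
    """One dict per violation in the Object Summary: rule, start point,
    Added/Removed/Modified, path, and whether its [x] box is still ticked."""
    section = text.split("Object Summary:", 1)[1].split("Object Detail:", 1)[0]
    hits, rule, start, change = [], None, None, None
    for line in section.splitlines():
        if m := _RULE_RE.match(line):
            rule, start = m.group("rule"), m.group("start")
        elif line in ("Added:", "Removed:", "Modified:"):
            change = line.rstrip(":")
        elif (m := _OBJ_RE.match(line)) and rule and change:
            hits.append({"rule": rule, "start": start, "change": change,
                         "path": m.group("path"), "accept": m.group("box") == "x"})
    return hits


def parse_errors(text):
    """Paths from the Error Report: policy entries Tripwire could not read."""
    if "Error Report:" not in text:
        return []
    return re.findall(r"^\s*Filename: (.+)$", text.split("Error Report:", 1)[1], re.M)


def triage(text):
    """Check the object count against 'Total violations found', then split the
    hits into those needing a human look (critical rule, or anything Removed)
    and routine noise."""
    hits = parse_object_summary(text)
    _, found = parse_totals(text)
    if len(hits) != found:
        raise ValueError(f"{len(hits)} objects listed but {found} violations claimed")
    investigate = [h for h in hits
                   if h["rule"] in CRITICAL_RULES or h["change"] == "Removed"]
    routine = [h for h in hits if h not in investigate]
    return investigate, routine


if __name__ == "__main__":
    investigate, routine = triage(SAMPLE_REPORT)
    for tag, group in (("INVESTIGATE", investigate), ("routine", routine)):
        for h in group:
            box = "[x]" if h["accept"] else "[ ]"
            print(f"{tag:<11} {box} {h['change']:<8} {h['rule']} ({h['start']}): {h['path']}")
    print("unreadable policy entries:", ", ".join(parse_errors(SAMPLE_REPORT)))
```

The functions take the report text as a string, so feeding them the output of twprint -m r (via subprocess or a saved text file) needs no change to the parsing; the count cross-check in triage() is there to catch a truncated or hand-edited copy, and the "accept" flag only carries information when the text is a copy saved from the update editor after boxes were un-ticked.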