[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-users] Possible Hack.
- Subject: Re: [cobalt-users] Possible Hack.
- From: "ISEE Multimedia" <mail@xxxxxxxxxxxxxxxxxxx>
- Date: Sat Feb 8 21:26:01 2003
- List-id: Mailing list for users to share thoughts on Sun Cobalt products. <cobalt-users.list.cobalt.com>
> >
> > Hi Gerald,
> >
> > It seems that the output of 1 file deleted was during a system crash.
> >
> > When i run last the time correspond with a system crash and reboot.
> >
> > However, im currently installing FCheck and would like some advice on
> > configuration.
> >
> > 1, What directories on the RAQ would you suggest need to be monitored?
>
> In fcheck.cfg
>
> Directory = /usr/
> Directory = /bin/
> Directory = /lib/
> Directory = /root/
> Directory = /boot/
> Directory = /sbin/
> Directory = /etc/rc.d/
> Directory = /tmp/
> Directory = /dev/
>
> > 2, How would I go about adding this to Cron to run daily?
>
> crontab -e
> 32 4 * * * (cd /home/tools/chkrootkit-0.38; ./chkrootkit | mail -s
"chkrootkit
> run" admin)
> 35 4 * * * (cd /home/tools/fcheck; ./check-it | mail -s "fcheck output"
> admin)
> 38 4 * * * (cd /home/tools/fcheck; ./build-it | mail -s "fcheck rebuilt"
> admin)
> 07,22,37,52 * * * * /usr/local/etc/logcheck.sh
>
>
> > 3, Would adding this to Cron email me the results? and if not is this
> > possible?
>
> Yes, build a crontab as root, example above.
>
> Gerald
> --
Hi Gerald.
When i enter crontab -e all i get is a long list of
~
~
~
~
I'm obviously doing something wrong here?
Regards.
Mark