This directory contains miscellaneous useful scripts, some of them contributed
by various users. Additions and/or improvements are welcome.

chroot.sh: prepare chroot environment for the log server
---------

   Usage: chroot.sh <chroot_directory>

   Tested on Debian Linux. Your mileage may vary.
   After running the script, review <chroot_directory>/etc/passwd
   to replace passwords with a *, and to fix the
   path to the home directory of the yule user.
   If using a signed configuration file, you need
   a working copy of GnuPG inside the chroot jail.

   This script will probably fail on systems other than Linux,
   mainly because of the mknod commands to create devices
   in the chroot jail.

   NO WARRANTY !!!

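   One way to script the /etc/passwd review described above (an added
   example, not part of the samhain distribution). The function names, the
   finding labels and the constructed sample jail are assumptions made for
   this illustration; the user name defaults to yule.

```shell
#!/bin/sh
# Added example, not part of the samhain distribution.
# Usage: audit_chroot_passwd <chroot_directory> [user]   (user defaults to yule)
# Prints one finding per line. Returns 0 if clean, 1 on findings,
# 2 if <chroot_directory>/etc/passwd cannot be read.
audit_chroot_passwd() {
    jail=$1; user=${2:-yule}; pw="$jail/etc/passwd"
    result=0; seen=0
    [ -r "$pw" ] || { echo "MISSING $pw"; return 2; }
    # '|| [ -n "$name" ]' keeps a final line that lacks a trailing newline.
    while IFS=: read -r name pass uid gid gecos home shell || [ -n "$name" ]; do
        case $name in ''|\#*) continue ;; esac
        # Anything but "*" (a hash, an empty field, or the shadow marker "x")
        # still needs the manual edit the README asks for.
        if [ "$pass" != "*" ]; then
            echo "PASSWORD $name"; result=1
        fi
        if [ "$name" = "$user" ]; then
            seen=1
            # The home path must exist relative to the jail root.
            if [ -z "$home" ] || [ ! -d "$jail$home" ]; then
                echo "HOME $name $home"; result=1
            fi
        fi
    done < "$pw"
    [ "$seen" -eq 1 ] || { echo "NOUSER $user"; result=1; }
    return "$result"
}

# Constructed sample jail (not real data): root still carries the shadow
# marker, and yule's home points at a path that does not exist in the jail.
make_sample_jail() {
    d=$(mktemp -d) || return 1
    mkdir -p "$d/etc" "$d/var/lib/yule"
    printf '%s\n' \
        'root:x:0:0:root:/root:/bin/sh' \
        'yule:*:500:500:yule:/home/yule:/bin/false' > "$d/etc/passwd"
    echo "$d"
}

# When called with arguments, audit the given chroot directory.
if [ $# -gt 0 ]; then audit_chroot_passwd "$@"; fi
```
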
samhainadmin.pl
---------------

   Perform various tasks useful if you are using signed configuration
   and database files.

   Run 'samhainadmin.pl -h' for usage instructions.

yuleadmin.pl
------------

   Perl script (by Riccardo Murri) to list, add, and remove clients
   from the yulerc file.

   Run 'yuleadmin.pl -h' for usage instructions.

samhainrc_update.sh
-------------------

   If you are using the --with-kcheck option on Linux, after a kernel
   update you need to change some options (addresses of kernel functions)
   in the samhainrc configuration file. The correct new addresses must
   be looked up in the System.map file.

   This script will do this automatically. Run 'samhainrc_update.sh -h'
   for usage instructions. You may need to change the location of the
   samhainrc file by editing the line 'cfgfile="/etc/samhainrc"'
   at the beginning of the script.

check_samhain.pl
----------------

   Nagios plugin for samhain. Will execute samhain and report results
   in the way expected by nagios. Drop this into your nagios/libexec/
   directory.

samhain.logrotator: logrotate script
------------------

   This is a logrotate script (contributed by Simon Bailey)

concat.pl
---------

   Concatenate samhain file signature databases and write the resulting
   database file to stdout. Does not work on signed or otherwise modified
   file signature databases.

samhain.{cgi|dtd|xsl}: display XML logfile in XML capable browser
---------------------  (works with Mozilla 1.2, possibly Mozilla 1.0, IE 6)

   Usage: 1. review samhain.cgi (see remarks in file)
          2. drop samhain.cgi, samhain.dtd, samhain.xsl in some
             directory on your webserver
          3. use .htaccess to protect access to that directory
          4. point your browser at samhain.cgi

   You may need to rename samhain.cgi to samhain.php if you use
   mod_php. Also, you will certainly need to edit the path to the
   logfile in samhain.cgi.

   CAVEAT: There is no built-in access restriction (use .htaccess to
           password-protect the directory).

   The XSL stylesheet is based on a contribution by Olivier Salaun.


samhain.spec: RPM spec file for building a vanilla single-host RPM
------------

   Contributed by Andre Oliveira da Costa <brblueser@uol.com.br>

   This is a spec file to produce a vanilla single-host samhain RPM
   (no fancy options, standard directory layout :).

   Accepted parameters for 'rpmbuild':

   --with gpg           - enables gpg support
   --with tests         - make tests before building

redhat_i386.client.spec: RPM spec file for building a RedHat client RPM
------------

   Contributed by Philipp Stadler <philipp@stadler.priv.at>

   Does not install documentation or local config file.