Changeset 481 for trunk/man/samhainrc.5


Ignore:
Timestamp:
Jul 18, 2015, 5:06:52 PM (6 years ago)
Author:
katerina
Message:

Enhancements and fixes for tickets #374, #375, #376, #377, #378, and #379.

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/man/samhainrc.5

    r169 r481  
    253253by same user, and logouts.
    254254.TP
    255 .I "[Kernel]"
    256 Configuration for detecting kernel rootkits.
    257 .br
    258 .BI KernelCheckActive= 0|1
    259 Switch off/on checking of kernel syscalls to detect kernel module rootkits.
    260 .br
    261 .BI KernelCheckInterval= val
    262 Interval (seconds) between checks.
    263 .br
    264 .BI SeverityKernel= val
    265 Severity level for clobbered kernel syscalls.
    266 .br
    267 .BI KernelCheckIDT= 0|1
    268 Whether to check the interrrupt descriptor table.
    269 .br
    270 .BI KernelSystemCall= address
    271 The address of system_call (grep system_call System.map).
    272 Required after a kernel update.
    273 .br
    274 .BI KernelProcRoot= address
    275 The address of proc_root (grep ' proc_root$' System.map).
    276 Required after a kernel update.
    277 .br
    278 .BI KernelProcRootIops= address
    279 The address of proc_root_inode_operations
    280 (grep proc_root_inode_operations System.map).
    281 Required after a kernel update.
    282 .br
    283 .BI KernelProcRootLookup= address
    284 The address of proc_root_lookup (grep proc_root_lookup System.map).
    285 Required after a kernel update.
    286 .TP
    287255.I "[SuidCheck]"
    288256Settings for finding SUID/SGID files on disk.
     
    473441Set type of message authentication code (HMAC).
    474442Must be identical on client and server.
     443.br
     444.BI StartupLoadDelay= val
     445Defines the interval (in seconds) to wait after startup before
     446loading the databse from the server. Default is no wait.
    475447.br
    476448.BI SetLoopTime= val
Note: See TracChangeset for help on using the changeset viewer.