User's guide

Chapter 6. Hardening a Freeway Protogate Freeway Security Features User’s Guide (SFUG)
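# Rebuild /etc/crontab from scratch: cron environment settings first, then
# the column-header comment, then the two scheduled jobs.
#
# Each job must be a single line: five time fields (minute hour mday month
# wday), the user to run as, and the command. In the extracted listing the
# two job entries were split over three lines each, which would have written
# invalid entries; they are restored to one line apiece here.
{
  echo "SHELL=/bin/sh"
  echo "PATH=/etc:/bin:/sbin:/usr/bin:/usr/sbin"
  echo "HOME=/var/log"
  echo "B_FWY_SERVERNAME=${B_FWY_SERVERNAME}"
  # An empty MAILTO keeps cron from mailing job output.
  echo "MAILTO=\"\""
  echo "TZ=\"\""
  echo "#"
  echo "#minute hour mday month wday who command"
  echo "#"
  # Every hour, on the hour: run newsyslog as root.
  echo "0 * * * * root newsyslog"
  # Every day at 05:00: run the HTTP log rotation script as root.
  # NOTE(review): this job executes a script out of /tmp with root
  # privileges. If /tmp is writable by non-root users on this system, the
  # script should live in a root-owned directory instead -- confirm how and
  # where httplog_rotate.sh is installed.
  echo "0 5 * * * root sh /tmp/httplog_rotate.sh"
} > /etc/crontab

# Start the cron daemon only if the binary is present and executable.
if [ -x /usr/sbin/cron ]; then
  /usr/sbin/cron
fi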
6.9. Configure Auditing
Figure 6-9 shows a simple way to set up and enable system-call auditing.
Figure 6-9. Configure Auditing
# Kernel-level event auditing setup. As root, the audit entries can be
# viewed with
#   praudit -l /var/audit/current
# or followed live, as they appear, with
#   praudit -l /dev/auditpipe

# Create the audit trail directory (mode 750) only when it is missing.
# NOTE(review): -m takes effect only at creation time; a /var/audit that
# already exists keeps whatever mode it has. Verify its permissions
# separately if the directory may pre-exist.
[ -d /var/audit ] || mkdir -p -m 750 /var/audit

# Remove group/other write permission from the audit configuration directory.
chmod go-w /etc/security

# Add a host: entry to audit_control unless one is already present; an
# existing entry is left untouched.
if ! /usr/bin/grep "^host:" /etc/security/audit_control >/dev/null; then
  echo "host:${B_FWY_SERVERNAME}" >> /etc/security/audit_control
else
  echo "host line already in audit file -- will not tamper with it..."
fi
# If audit_user file has not been altered by any user, then
# add default settings for the 2 initial login accounts.
if [ 5 = ‘cat /etc/security/audit_user |wc -l‘ ]; then
echo "#" >> /etc/security/audit_user
echo "# These lines have been added to this file by the" >> /etc/security/audit_user
echo "# /usr/local/freeway/boot.src/rc.startsra command script," >> /etc/security/audit_user
echo "# to configure auditing of the 2 originally-configured" >> /etc/security/audit_user
echo "# Freeway Monitor users. To alter these settings, you should add" >> /etc/security/audit_user
echo "# echo statements in /usr/local/freeway/boot.src/rc.startsra.local," >> /etc/security/audit_user
echo "# rather than edit either /etc/security/audit_user or" >> /etc/security/audit_user
echo "# /ro/etc/security/audit_user directly; using echo statements" >> /etc/security/audit_user
echo "# will ensure that your changes are not lost or altered" >> /etc/security/audit_user
echo "# by any subsequent Freeway or Monitor software install." >> /etc/security/audit_user
24 Protogate DC-908-3004A