Re: Bug#276627: ITP: systraq -- monitor your system and warn when system files change
Le Friday 15 October 2004 à 10:47:26, Laurent Fousse a écrit:
> Package: wnpp
> Severity: wishlist
>
> * Package name : systraq
> Version : 0.0.20041015
> Upstream Author : Joost van Baal <joostvb *dash* systraq *at* mdcc *dot* cx>
> * URL : http://mdcc.cx/software/
> * License : GPL
> Description : monitor your system and warn when system files change
>
> Systraq daily sends you an email listing the state of your system.
> Furthermore, if critical files have changed, you'll get an email within a
> shorter notice. Systraq consists of few very small shell scripts.
> .
> It can help you implementing a not too strict security policy. For more
> demanding systems, you'd better use something like tripwire. Make sure you
> really want to do the monitoring this script offers: it might not comply with
> your site's privacy policy. Getting informed when users' config file change
> might be too intrusive.
> .
> Other similar tools are available in Debian (`diffmon' for instance), but
> systraq is less intrusive because it can warn for file changes without mailing
> a complete diff (which is not desirable for e.g. /etc/shadow).
Can you also document what are the differences between systraq and
checksecurity? checksecurity does _not_ send a diff of the modified
files. This feature (no diff sent) seams to be the major advantage of
systraq over what was provided by *BSD according to [1].
checksecurity was part of cron so any Debian stable user has it. It is
now just recommended by cron.
I do not object to the inclusion of this package but would like to know
what are the benefits compared to an already existing Debian package.
Regards,
[1] http://mdcc.cx/pub/systraq/systraq-latest/doc/manual.html
--
Dr. Ludovic Rousseau Ludovic.Rousseau@free.fr
-- Normaliser Unix c'est comme pasteuriser le camembert, L.R. --
Reply to: