tiger templates

To: debian-security@lists.debian.org
Subject: tiger templates
From: Michael West <web@mitzit.net>
Date: Thu, 24 Oct 2002 17:21:40 -0700
Message-id: <[🔎] 20021025002140.GA12240@seanet.com>
Mail-followup-to: debian-security@lists.debian.org

I have been unable to use templates to get tiger to stop reporting. 
I am running checks through tigercron.

For instance, /var/log/tiger/check_accounts.out.1 reads:
---------------------------------------
# Performing check of user accounts...
# Checking accounts from /etc/passwd.
--WARN-- [acc006w] Login ID nobody's home directory (/home) has group
`staff' wr 
ite access.
---------------------------------------

I would like to ignore this, so I copy the file to:
/etc/tiger/check_accounts.template
so that it will no longer be reported.  But it is still reported everytime.

I also tried copying it to /etc/tiger/templates/check_accounts.template
with no luck.

I am running Debian 3.0.

My /etc/tiger/tigerrc looks like:
------------------------
Build=Y                  # C files are corrupted (ouch.)
Tiger_Check_PASSWD=Y            # Fast
Tiger_Check_GROUP=Y             # Fast
Tiger_Check_ACCOUNTS=Y          # Time varies on # of users
Tiger_Check_RHOSTS=Y            # Time varies on # of users
Tiger_Check_NETRC=Y             # Time varies on # of users
Tiger_Check_ALIASES=Y           # Fast
Tiger_Check_CRON=Y              # Fast
Tiger_Check_ANONFTP=Y           # Fast
Tiger_Check_EXPORTS=Y           # Fast
Tiger_Check_INETD=N             # Could be faster, not bad though
Tiger_Check_KNOWN=Y             # Fast
Tiger_Check_PERMS=Y             # Could be faster, not bad though
Tiger_Check_SIGNATURES=Y        # Several minutes
Tiger_Check_FILESYSTEM=Y        # Time varies on disk space... can be
hours
Tiger_Check_PATH=Y              # Fast for just root... varies for all 
Tiger_Check_EMBEDDED=N          # Several minutes
Tiger_Check_EVERYLISTENING=N    # Give warning on services listening on 
                                # all interfaces (not limited to only
                                # one)
Tiger_Cron_SendOKReports=N
Tiger_Cron_Template=Y
Tiger_Cron_CheckPrev=N
Tiger_Show_INFO_Msgs=Y
Tiger_Run_CRACK=N               
Tiger_Output_FQDN=Y
Tiger_Output_Width=79
Tiger_CRON_Output_Width=0
Tiger_Embed_Max_Depth=3
Tiger_Embed_Check_Exec_Only=N
Tiger_Embed_Check_SUID=N
Tiger_Embed_Report_Exec_Only=N
Tiger_Embedded_OK_Owners='root|bin|uucp'
Tiger_Embedded_OK_Group_Write=root
Tiger_Check_PATHALL=N           # Check all user PATHs in startup files.
Tiger_ROOT_PATH_OK_Owners='root'
Tiger_ROOT_PATH_OK_Group_Write=root
Tiger_PATH_OK_Owners='root|bin|daemon|uucp|sys|adm'
Tiger_PATH_OK_Group_Write=
Tiger_Collect_CRACK=Y
Tiger_Crack_Local=Y
Tiger_Mail_RCPT="root"
Tiger_Files_of_Note="..[!.]*/.* */.*    */.[!.]/.log/.FSP*"
Tiger_FSScan_Devs=Y                     # device files
Tiger_FSScan_SymLinks=Y         # strange symbolic links
Tiger_FSScan_ofNote=Y           # weird filenames
Tiger_FSScan_WDIR=Y                     # world writable directories
-----------------

Help would be helpful :)

     ~Michael

Reply to:

Follow-Ups:
- Re: tiger templates
  - From: Hubert Chan <hubert@uhoreg.ca>

Prev by Date: Antigen found HTML.MimeExploit.Klez (CA(Vet)) virus
Next by Date: Re: tiger templates
Previous by thread: Antigen found HTML.MimeExploit.Klez (CA(Vet)) virus
Next by thread: Re: tiger templates
Index(es):
- Date
- Thread