logger: Tripwire: MD5 : 43d015eaf9589f1e5e87dda7fd6c0b00 /opt/tripwire/etc/tw.pol
logger: Tripwire: MD5 : fd4c4af9a148c6795a5de297f91fc9d9 /opt/tripwire/etc/tw.cfg
logger: Tripwire: MD5 : 261c45019bb42c9ef9e61639720b16a8 /opt/tripwire/bin/tripwire
Note: Report is not encrypted.
Tripwire(R) 2.3.0 Integrity Check Report
Report generated by: root
Report created on: Fri Dec 16 04:02:38 2005
Database last updated on: Never
===============================================================================
Report Summary:
===============================================================================
Host name: rocks-52.sdsc.edu
Host IP address: 198.202.88.52
Host ID: None
Policy file used: /opt/tripwire/etc/tw.pol
Configuration file used: /opt/tripwire/etc/tw.cfg
Database file used: /opt/tripwire/db/rocks-52.sdsc.edu.twd
Command line used: /opt/tripwire/bin/tripwire --check --cfgfile /opt/tripwire/etc/tw.cfg
===============================================================================
Rule Summary:
===============================================================================
-------------------------------------------------------------------------------
Section: Unix File System
-------------------------------------------------------------------------------
Rule Name Severity Level Added Removed Modified
--------- -------------- ----- ------- --------
Invariant Directories 66 0 0 0
* Tripwire Data Files 100 1 0 0
Critical devices 100 0 0 0
Tripwire Binaries 100 0 0 0
OS executables and libraries 100 0 0 0
File System and Disk Administraton Programs
100 0 0 0
Networking Programs 100 0 0 0
System Administration Programs 100 0 0 0
Operating System Utilities 100 0 0 0
Critical Utility Sym-Links 100 0 0 0
Shell Binaries 100 0 0 0
* Security Control 100 0 0 3
Login Scripts 100 0 0 0
* Critical configuration files 100 0 1 5
* System boot changes 100 7 0 2
User binaries 66 0 0 0
Kernel Administration Programs 100 0 0 0
Hardware and Device Control Programs
100 0 0 0
System Information Programs 100 0 0 0
Application Information Programs
100 0 0 0
Libraries 66 0 0 0
Critical system boot files 100 0 0 0
(/boot)
* Root config files 100 81 0 1
Total objects scanned: 26919
Total violations found: 101
===============================================================================
Object Detail:
===============================================================================
-------------------------------------------------------------------------------
Section: Unix File System
-------------------------------------------------------------------------------
-------------------------------------------------------------------------------
Rule Name: Tripwire Data Files (/opt/tripwire/db)
Severity Level: 100
-------------------------------------------------------------------------------
----------------------------------------
Added Objects: 1
----------------------------------------
Added object name: /opt/tripwire/db/rocks-52.sdsc.edu.twd
-------------------------------------------------------------------------------
Rule Name: Security Control (/etc/group)
Severity Level: 100
-------------------------------------------------------------------------------
----------------------------------------
Modified Objects: 1
----------------------------------------
Modified object name: /etc/group
Property: Expected Observed
------------- ----------- -----------
* Inode Number 510344 510357
* Size 607 1239
* Modify Time Tue Dec 13 10:56:04 2005 Wed Dec 14 12:40:58 2005
* Change Time Tue Dec 13 10:56:04 2005 Wed Dec 14 12:40:58 2005
* CRC32 B6unq/ A8Tu4j
* MD5 CvCOooDPxRgKZo6RUiUc9T A3NwxjryKsZj/uEq946TQ7
-------------------------------------------------------------------------------
Rule Name: Security Control (/etc/security)
Severity Level: 100
-------------------------------------------------------------------------------
----------------------------------------
Modified Objects: 2
----------------------------------------
Modified object name: /etc/security/ca/ca.serial
Property: Expected Observed
------------- ----------- -----------
* Modify Time Tue Dec 13 10:49:22 2005 Tue Dec 13 19:26:36 2005
* Change Time Tue Dec 13 10:49:22 2005 Tue Dec 13 19:26:36 2005
* CRC32 Dg1W63 AnWLh3
* MD5 BysqyQ9/P/B1qTfWvo/D3D BztMIOWY1rSV3nUVrU6i/c
Modified object name: /etc/security/ca/new-certs
Property: Expected Observed
------------- ----------- -----------
* Modify Time Tue Dec 13 10:49:20 2005 Tue Dec 13 19:26:36 2005
* Change Time Tue Dec 13 10:49:21 2005 Tue Dec 13 19:26:36 2005
-------------------------------------------------------------------------------
Rule Name: Critical configuration files (/etc/rc.d)
Severity Level: 100
-------------------------------------------------------------------------------
----------------------------------------
Removed Objects: 1
----------------------------------------
Removed object name: /etc/rc.d/rocksconfig.d/post-99-tripwire
----------------------------------------
Modified Objects: 1
----------------------------------------
Modified object name: /etc/rc.d/rocksconfig.d
Property: Expected Observed
------------- ----------- -----------
* Modify Time Tue Dec 13 10:59:00 2005 Tue Dec 13 11:01:56 2005
-------------------------------------------------------------------------------
Rule Name: Critical configuration files (/etc/sysconfig)
Severity Level: 100
-------------------------------------------------------------------------------
----------------------------------------
Modified Objects: 2
----------------------------------------
Modified object name: /etc/sysconfig
Property: Expected Observed
------------- ----------- -----------
* Modify Time Tue Dec 13 10:49:42 2005 Tue Dec 13 21:01:05 2005
Modified object name: /etc/sysconfig/iptables
Property: Expected Observed
------------- ----------- -----------
* Inode Number 509971 510429
* Size 1057 1055
* Modify Time Tue Dec 13 10:49:23 2005 Tue Dec 13 21:01:03 2005
* CRC32 DuL6gP CIa/qU
* MD5 C0X3/8Qa2o2WugKfzRvJzs DqefhsaGBTER3yoHL6ktqX
-------------------------------------------------------------------------------
Rule Name: Critical configuration files (/etc/group-)
Severity Level: 100
-------------------------------------------------------------------------------
----------------------------------------
Modified Objects: 1
----------------------------------------
Modified object name: /etc/group-
Property: Expected Observed
------------- ----------- -----------
* Size 593 1223
* Modify Time Tue Dec 13 10:49:18 2005 Tue Dec 13 16:40:00 2005
* CRC32 CulqO3 DkCYYH
* MD5 DrXH7wKWwu0pNZLG7mvfxK AijpOf9SKqPHWwbVqtXiF0
-------------------------------------------------------------------------------
Rule Name: Critical configuration files (/etc/passwd)
Severity Level: 100
-------------------------------------------------------------------------------
----------------------------------------
Modified Objects: 1
----------------------------------------
Modified object name: /etc/passwd
Property: Expected Observed
------------- ----------- -----------
* Inode Number 510423 510345
-------------------------------------------------------------------------------
Rule Name: System boot changes (/var/log)
Severity Level: 100
-------------------------------------------------------------------------------
----------------------------------------
Added Objects: 7
----------------------------------------
Added object name: /var/log/sa/sar13
Added object name: /var/log/sa/sar14
Added object name: /var/log/sa/sa14
Added object name: /var/log/sa/sar15
Added object name: /var/log/sa/sa16
Added object name: /var/log/sa/sa15
Added object name: /var/log/rpmpkgs
-------------------------------------------------------------------------------
Rule Name: System boot changes (/var/run)
Severity Level: 100
-------------------------------------------------------------------------------
----------------------------------------
Modified Objects: 2
----------------------------------------
Modified object name: /var/run/dhcpd.pid
Property: Expected Observed
------------- ----------- -----------
* Inode Number 476276 476500
Modified object name: /var/run/ntpd.pid
Property: Expected Observed
------------- ----------- -----------
* Inode Number 476493 476287
-------------------------------------------------------------------------------
Rule Name: Root config files (/root)
Severity Level: 100
-------------------------------------------------------------------------------
----------------------------------------
Added Objects: 76
----------------------------------------
Added object name: /root/BUILD
Added object name: /root/BUILD/globus_simple_ca_02c4bb32_setup-0.18
Added object name: /root/BUILD/globus_simple_ca_02c4bb32_setup-0.18/Makefile
Added object name: /root/BUILD/globus_simple_ca_02c4bb32_setup-0.18/install-sh
Added object name: /root/BUILD/globus_simple_ca_02c4bb32_setup-0.18/setup-ssl-utils.pl
Added object name: /root/BUILD/globus_simple_ca_02c4bb32_setup-0.18/configure
Added object name: /root/BUILD/globus_simple_ca_02c4bb32_setup-0.18/grid-security.conf.02c4bb32
Added object name: /root/BUILD/globus_simple_ca_02c4bb32_setup-0.18/02c4bb32.signing_policy
Added object name: /root/BUILD/globus_simple_ca_02c4bb32_setup-0.18/Makefile.am
Added object name: /root/BUILD/globus_simple_ca_02c4bb32_setup-0.18/02c4bb32.0
Added object name: /root/BUILD/globus_simple_ca_02c4bb32_setup-0.18/globus_automake_pre_top
Added object name: /root/BUILD/globus_simple_ca_02c4bb32_setup-0.18/globus-ssl.conf
Added object name: /root/BUILD/globus_simple_ca_02c4bb32_setup-0.18/missing
Added object name: /root/BUILD/globus_simple_ca_02c4bb32_setup-0.18/Makefile.in
Added object name: /root/BUILD/globus_simple_ca_02c4bb32_setup-0.18/setup-gsi.pl
Added object name: /root/BUILD/globus_simple_ca_02c4bb32_setup-0.18/setup-ssl-utils.02c4bb32
Added object name: /root/BUILD/globus_simple_ca_02c4bb32_setup-0.18/grid-security-config.in
Added object name: /root/BUILD/globus_simple_ca_02c4bb32_setup-0.18/config.log
Added object name: /root/BUILD/globus_simple_ca_02c4bb32_setup-0.18/setup-ssl-utils-sh-scripts.in
Added object name: /root/BUILD/globus_simple_ca_02c4bb32_setup-0.18/globus_automake_post_top
Added object name: /root/BUILD/globus_simple_ca_02c4bb32_setup-0.18/ltconfig
Added object name: /root/BUILD/globus_simple_ca_02c4bb32_setup-0.18/config.cache
Added object name: /root/BUILD/globus_simple_ca_02c4bb32_setup-0.18/aclocal.m4
Added object name: /root/BUILD/globus_simple_ca_02c4bb32_setup-0.18/grid-cert-request-config.in
Added object name: /root/BUILD/globus_simple_ca_02c4bb32_setup-0.18/bootstrap
Added object name: /root/BUILD/globus_simple_ca_02c4bb32_setup-0.18/ltmain.sh
Added object name: /root/BUILD/globus_simple_ca_02c4bb32_setup-0.18/globus_automake_pre
Added object name: /root/BUILD/globus_simple_ca_02c4bb32_setup-0.18/setup-ssl-utils-sh-scripts
Added object name: /root/BUILD/globus_simple_ca_02c4bb32_setup-0.18/configure.in
Added object name: /root/BUILD/globus_simple_ca_02c4bb32_setup-0.18/setup-ssl-utils
Added object name: /root/BUILD/globus_simple_ca_02c4bb32_setup-0.18/setup-gsi
Added object name: /root/BUILD/globus_simple_ca_02c4bb32_setup-0.18/pkgdata
Added object name: /root/BUILD/globus_simple_ca_02c4bb32_setup-0.18/pkgdata/Makefile
Added object name: /root/BUILD/globus_simple_ca_02c4bb32_setup-0.18/pkgdata/Makefile.am
Added object name: /root/BUILD/globus_simple_ca_02c4bb32_setup-0.18/pkgdata/Makefile.in
Added object name: /root/BUILD/globus_simple_ca_02c4bb32_setup-0.18/pkgdata/pkg_data_src.gpt
Added object name: /root/BUILD/globus_simple_ca_02c4bb32_setup-0.18/pkgdata/noflavor_rtl.filelist
Added object name: /root/BUILD/globus_simple_ca_02c4bb32_setup-0.18/pkgdata/noflavor_doc.filelist
Added object name: /root/BUILD/globus_simple_ca_02c4bb32_setup-0.18/pkgdata/pkg_data_noflavor_data.gpt
Added object name: /root/BUILD/globus_simple_ca_02c4bb32_setup-0.18/pkgdata/pkg_data_noflavor_pgm_static.gpt
Added object name: /root/BUILD/globus_simple_ca_02c4bb32_setup-0.18/pkgdata/pkg_data_noflavor_pgm.gpt
Added object name: /root/BUILD/globus_simple_ca_02c4bb32_setup-0.18/pkgdata/noflavor_pgm.filelist
Added object name: /root/BUILD/globus_simple_ca_02c4bb32_setup-0.18/pkgdata/pkg_data_noflavor_rtl.gpt
Added object name: /root/BUILD/globus_simple_ca_02c4bb32_setup-0.18/pkgdata/pkg_data_noflavor_doc.gpt
Added object name: /root/BUILD/globus_simple_ca_02c4bb32_setup-0.18/pkgdata/master.filelist
Added object name: /root/BUILD/globus_simple_ca_02c4bb32_setup-0.18/pkgdata/pkg_data_src.gpt.in
Added object name: /root/BUILD/globus_simple_ca_02c4bb32_setup-0.18/pkgdata/noflavor_dev.filelist
Added object name: /root/BUILD/globus_simple_ca_02c4bb32_setup-0.18/pkgdata/noflavor_pgm_static.filelist
Added object name: /root/BUILD/globus_simple_ca_02c4bb32_setup-0.18/pkgdata/pkg_data_noflavor_dev.gpt
Added object name: /root/BUILD/globus_simple_ca_02c4bb32_setup-0.18/pkgdata/noflavor_data.filelist
Added object name: /root/BUILD/globus_simple_ca_02c4bb32_setup-0.18/globus_automake_post
Added object name: /root/BUILD/globus_simple_ca_02c4bb32_setup-0.18/config.status
Added object name: /root/BUILD/globus_simple_ca_02c4bb32_setup-0.18/config.sub
Added object name: /root/BUILD/globus_simple_ca_02c4bb32_setup-0.18/mkinstalldirs
Added object name: /root/BUILD/globus_simple_ca_02c4bb32_setup-0.18/config.guess
Added object name: /root/build.log
Added object name: /root/.rnd
Added object name: /root/.mysql_history
Added object name: /root/.globus
Added object name: /root/.globus/simpleCA
Added object name: /root/.globus/simpleCA/serial
Added object name: /root/.globus/simpleCA/index.txt
Added object name: /root/.globus/simpleCA/crl
Added object name: /root/.globus/simpleCA/private
Added object name: /root/.globus/simpleCA/private/cakey.pem
Added object name: /root/.globus/simpleCA/globus_simple_ca_02c4bb32_setup-0.18.tar.gz
Added object name: /root/.globus/simpleCA/newcerts
Added object name: /root/.globus/simpleCA/newcerts/01.pem
Added object name: /root/.globus/simpleCA/newcerts/02.pem
Added object name: /root/.globus/simpleCA/index.txt.attr
Added object name: /root/.globus/simpleCA/grid-ca-ssl.conf
Added object name: /root/.globus/simpleCA/serial.old
Added object name: /root/.globus/simpleCA/certs
Added object name: /root/.globus/simpleCA/cacert.pem
Added object name: /root/.globus/simpleCA/index.txt.attr.old
Added object name: /root/.globus/simpleCA/index.txt.old
----------------------------------------
Modified Objects: 1
----------------------------------------
Modified object name: /root
Property: Expected Observed
------------- ----------- -----------
* Num Links 10 12
* Change Time Tue Dec 13 10:49:58 2005 Thu Dec 15 14:38:33 2005
-------------------------------------------------------------------------------
Rule Name: Root config files (/root/.bash_history)
Severity Level: 100
-------------------------------------------------------------------------------
----------------------------------------
Added Objects: 1
----------------------------------------
Added object name: /root/.bash_history
-------------------------------------------------------------------------------
Rule Name: Root config files (/root/.ssh)
Severity Level: 100
-------------------------------------------------------------------------------
----------------------------------------
Added Objects: 1
----------------------------------------
Added object name: /root/.ssh/known_hosts
-------------------------------------------------------------------------------
Rule Name: Root config files (/root/.ssh/authorized_keys)
Severity Level: 100
-------------------------------------------------------------------------------
----------------------------------------
Added Objects: 1
----------------------------------------
Added object name: /root/.ssh/authorized_keys
-------------------------------------------------------------------------------
Rule Name: Root config files (/root/.ssh/id_rsa)
Severity Level: 100
-------------------------------------------------------------------------------
----------------------------------------
Added Objects: 1
----------------------------------------
Added object name: /root/.ssh/id_rsa
-------------------------------------------------------------------------------
Rule Name: Root config files (/root/.ssh/id_rsa.pub)
Severity Level: 100
-------------------------------------------------------------------------------
----------------------------------------
Added Objects: 1
----------------------------------------
Added object name: /root/.ssh/id_rsa.pub
===============================================================================
Error Report:
===============================================================================
No Errors
-------------------------------------------------------------------------------
*** End of report ***
Tripwire 2.3 Portions copyright 2000 Tripwire, Inc. Tripwire is a registered
trademark of Tripwire, Inc. This software comes with ABSOLUTELY NO WARRANTY;
for details use --version. This is free software which may be redistributed
or modified only under certain conditions; see COPYING for details.
All rights reserved.