From owner-freebsd-security Sun Oct 24 4: 7:52 1999 Delivered-To: freebsd-security@freebsd.org Received: from gerpa.ru (gerpa.ru [212.24.32.162]) by hub.freebsd.org (Postfix) with ESMTP id BE6EA14BE3 for ; Sun, 24 Oct 1999 04:06:49 -0700 (PDT) (envelope-from matrix@gerpa.ru) Received: from m1 (p188.pol.ru [212.24.38.188]) by gerpa.ru (8.9.3/8.9.3) with SMTP id PAA13240 for ; Sun, 24 Oct 1999 15:16:37 +0400 (MSD) Message-ID: <001b01bf1e10$20288660$0100a8c0@m1> From: "Artem Koutchine" To: Subject: file security utility Date: Sun, 24 Oct 1999 15:08:27 +0400 X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 4.72.3110.1 X-MimeOLE: Produced By Microsoft MimeOLE V4.72.3110.3 Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org I don't know is such utility already exists so here is what i need it to do: 1) Check files using filters and all specified filesystems for change in size/date/time/mode/owner/name change 2) Files/Dirs/Filesystems must be groupped into several types and for each type must be specified allowed (not dangerous) modifications (chmod and mask, owner and list of possible owners, size and range for size, name change and regexp for name, access and time range for possible access and so on, deletion) 3) Only for those files/dirs/filesystems which have been changes in a dangerous manner (not described as allowed) a report is generated. Or, at least, they are put first, so i don't have to look through a long list of modified files. Is there such utility ? If not I'll do it (i hope), because i really need it. Also, the tech question is how do i detect renaming. I quite sure that file is not just specified by its name by i-node or something. So, so do i detect that a file has been renamed but it is still the same file? Artem Koutchine (Артем Кучин) Sys/Net/Web Admin, Web Designer, Programmer WWW: http://idesign.pp.ru E-Mail: matrix@chat.ru No attachments w/o my permission!!! (Не присылайте файлы без разрешения!!!) To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message