balz
Hi Linux Guru's
I just installed Tiger (part of TAMU) and it seemed to install without any problems but I can't get it to run the audit script ./tiger - I am running Redhat 8.0 and here's what I did.
I used the '# make install' and created the config files in the /usr/local/tiger directory
I created 3 temporary directories used for the scratchpad during auditing called /var/spool/tiger - /var/spool/tiger/logs - var/spool/tiger/work
Looked at the /usr/local/tiger/tigerrc file but left it with the default settings.
from the /usr/local/tiger directory ran #./tiger as root and got this mesage.
Configuring...
Will try to check using config for 'i686' running Linux 2.4.18-24.8.0...
--CONFIG-- [con005c] Using configuration files for Linux 2.4.18-24.8.0. Using
configuration files for generic Linux 2.
Not all checks may be performed.
Now I am not sure but I think this isn't working because no security report as been issued and I did this about 30 mins ago. I am the only user with little data on the hd so I would think it would be a fairly quick process...perhaps I am wrong. Anyways I am fairly new to Redhat so I need the experience of you Linux Guru's out there. Let me know what I did wrong and if I left anything out I appologize and will re-post with the info required. Thanks in advance.
B
I just installed Tiger (part of TAMU) and it seemed to install without any problems but I can't get it to run the audit script ./tiger - I am running Redhat 8.0 and here's what I did.
I used the '# make install' and created the config files in the /usr/local/tiger directory
I created 3 temporary directories used for the scratchpad during auditing called /var/spool/tiger - /var/spool/tiger/logs - var/spool/tiger/work
Looked at the /usr/local/tiger/tigerrc file but left it with the default settings.
from the /usr/local/tiger directory ran #./tiger as root and got this mesage.
Configuring...
Will try to check using config for 'i686' running Linux 2.4.18-24.8.0...
--CONFIG-- [con005c] Using configuration files for Linux 2.4.18-24.8.0. Using
configuration files for generic Linux 2.
Not all checks may be performed.
Now I am not sure but I think this isn't working because no security report as been issued and I did this about 30 mins ago. I am the only user with little data on the hd so I would think it would be a fairly quick process...perhaps I am wrong. Anyways I am fairly new to Redhat so I need the experience of you Linux Guru's out there. Let me know what I did wrong and if I left anything out I appologize and will re-post with the info required. Thanks in advance.
B
Participate on our website and join the conversation
This topic is archived. New comments cannot be posted and votes cannot be cast.
Responses to this topic
balz
OP
Hey,
Not sure if the question I posted earlier is a stupid one I am a newbie to Redhat and really have no clue what's going on...yet! Anyhow, I have some questions about Tripwire if anyone want to help with that...here goes:
The tripwire db is installed and working but it will not let me edit the twpol.txt file and run the --update-policy
When I first initialized the tripwire db I got a lot of these types of errors
### Warning: File sytem error
### Filename: /sbin/ip6tables
### No such file or directory
### Continuing...
I edited the twpol.txt file and commented out the files. Now I get errors and it fails update the twpol file so I can't rebuild the database. Any clues? I am lost as usual.
B
Not sure if the question I posted earlier is a stupid one I am a newbie to Redhat and really have no clue what's going on...yet! Anyhow, I have some questions about Tripwire if anyone want to help with that...here goes:
The tripwire db is installed and working but it will not let me edit the twpol.txt file and run the --update-policy
When I first initialized the tripwire db I got a lot of these types of errors
### Warning: File sytem error
### Filename: /sbin/ip6tables
### No such file or directory
### Continuing...
I edited the twpol.txt file and commented out the files. Now I get errors and it fails update the twpol file so I can't rebuild the database. Any clues? I am lost as usual.
B
