[osiris-devel] Configuration issues
Thomas Jones
thomas.jones at linux-howtos.com
Tue Mar 30 16:16:58 EST 2004
Brian,
I have been playing with various "small" configuration changes and documenting
the results. I've noticed some peculiar behaviors. Jason Frisvold had brought
up documentation inconsistencies invloving the NoEntry directive. I found
that the following to be true for the 3.0.4-current release:
- NoEntry has no effect on the scanners direction. i.e. with or without is no
difference.
- However, the Exclude file ("whatever") directive does the job of removing a
directory and it contents from a scan. I believe that this may be a
documentation issue.
- I ran a scan with the following rule: Exclude header ("63 30 31") and it
produced checksum errors on completely unrelated files??? I don't know about
this one. I will check the logs more closely.
- The exclusion directive( and probably inclusion as well) is NOT
case-sensitive. This could be a BIG issue later. I was attempting to exclude
the System.map-2.4.21-199-athlon file from the /boot directory. I put in the
following rule - Exclude file ("S"). This removes ALL files with "S" or "s"
in it. Equivalent to [Ss].
- I went ahead and manually changed the rule to both ("Sy") and ("sy") to see
changes ---- it now only removed the file i wanted System.map*. But with both
rules it does the same. So it seems broken. Or maybe that's the intended
behavior.
I have all the logs and databases from my tests. And i documented each case in
my configuration file. So if you need these; it should help out alot.
;(
Thomas
More information about the osiris-devel
mailing list