Tripwire Report for rama.phy.mtu.edu
logger: Tripwire: MD5 : 13304bc60dee9b567deb1c21c2a518f5 /opt/tripwire/etc/tw.pol logger: Tripwire: MD5 : 96f4a725e10797eae9bc1e97cb336894 /opt/tripwire/etc/tw.cfg logger: Tripwire: MD5 : 21b71e3a3e70f188620a77cbbe6fe4c2 /opt/tripwire/sbin/tripwire
logger: Tripwire: MD5 : 13304bc60dee9b567deb1c21c2a518f5 /opt/tripwire/etc/tw.pol
logger: Tripwire: MD5 : 96f4a725e10797eae9bc1e97cb336894 /opt/tripwire/etc/tw.cfg
logger: Tripwire: MD5 : 21b71e3a3e70f188620a77cbbe6fe4c2 /opt/tripwire/sbin/tripwire
Note: Report is not encrypted.
Open Source Tripwire(R) 2.4.1 Integrity Check Report
Report generated by: root
Report created on: Sun Nov 22 04:02:40 2009
Database last updated on: Never
===============================================================================
Report Summary:
===============================================================================
Host name: rama.phy.mtu.edu
Host IP address: 141.219.155.53
Host ID: None
Policy file used: /opt/tripwire/etc/tw.pol
Configuration file used: /opt/tripwire/etc/tw.cfg
Database file used: /opt/tripwire/db/rama.phy.mtu.edu.twd
Command line used: /opt/tripwire/sbin/tripwire --check --cfgfile /opt/tripwire/etc/tw.cfg
===============================================================================
Rule Summary:
===============================================================================
-------------------------------------------------------------------------------
Section: Unix File System
-------------------------------------------------------------------------------
Rule Name Severity Level Added Removed Modified
--------- -------------- ----- ------- --------
Invariant Directories 66 0 0 0
* Tripwire Data Files 100 1 0 0
Critical devices 100 0 0 0
Tripwire Binaries 100 0 0 0
* User binaries 66 9 0 12
* File System and Disk Administraton Programs
100 0 0 1
Kernel Administration Programs 100 0 0 0
Networking Programs 100 0 0 0
System Administration Programs 100 0 0 0
Hardware and Device Control Programs
100 0 0 0
System Information Programs 100 0 0 0
Application Information Programs
100 0 0 0
Critical Utility Sym-Links 100 0 0 0
* Security Control 100 0 0 2
Login Scripts 100 0 0 0
* Critical configuration files 100 0 1 28
* System boot changes 100 55 0 26
* OS executables and libraries 100 0 0 1
* Operating System Utilities 100 0 0 2
* Shell Binaries 100 0 0 2
* Libraries 66 57 0 3
Critical system boot files 100 0 0 0
(/boot)
* Root config files 100 10 0 4
Total objects scanned: 18507
Total violations found: 214
===============================================================================
Object Detail:
===============================================================================
-------------------------------------------------------------------------------
Section: Unix File System
-------------------------------------------------------------------------------
-------------------------------------------------------------------------------
Rule Name: Tripwire Data Files (/opt/tripwire/db)
Severity Level: 100
-------------------------------------------------------------------------------
----------------------------------------
Added Objects: 1
----------------------------------------
Added object name: /opt/tripwire/db/rama.phy.mtu.edu.twd
-------------------------------------------------------------------------------
Rule Name: User binaries (/sbin)
Severity Level: 66
-------------------------------------------------------------------------------
----------------------------------------
Modified Objects: 3
----------------------------------------
Modified object name: /sbin
Property: Expected Observed
------------- ----------- -----------
* Modify Time Fri Sep 11 10:15:14 2009 Thu Nov 5 04:03:06 2009
Modified object name: /sbin/multipathd
Property: Expected Observed
------------- ----------- -----------
* Inode Number 3159920 3159930
* CRC32 A2Eqgw Dfre/C
* MD5 AaF2xoKHB2joTpfQI6OXcs BvDXHBQ+FZ3sYU8IWJDM5v
Modified object name: /sbin/partprobe
Property: Expected Observed
------------- ----------- -----------
* Inode Number 3159930 3160005
* CRC32 CqDUAe B+/qSY
* MD5 BuEQCneqxPINToCF+j+FC1 DEY64lbmwaY2RUleR47GX7
-------------------------------------------------------------------------------
Rule Name: File System and Disk Administraton Programs (/sbin/parted)
Severity Level: 100
-------------------------------------------------------------------------------
----------------------------------------
Modified Objects: 1
----------------------------------------
Modified object name: /sbin/parted
Property: Expected Observed
------------- ----------- -----------
* Inode Number 3160036 3159915
* Change Time Fri Sep 11 10:14:29 2009 Thu Nov 5 04:03:06 2009
* CRC32 BPvJ2N A/W1w6
* MD5 AQDlQ5h71IPKjdfX1tE6+h Dwut+MyL9US4Ss33sZF8uQ
-------------------------------------------------------------------------------
Rule Name: Security Control (/etc/group)
Severity Level: 100
-------------------------------------------------------------------------------
----------------------------------------
Modified Objects: 1
----------------------------------------
Modified object name: /etc/group
Property: Expected Observed
------------- ----------- -----------
* Inode Number 1240237 1240275
* Size 757 772
* Modify Time Thu Sep 10 16:49:58 2009 Tue Sep 22 09:59:55 2009
* Change Time Thu Sep 10 16:49:58 2009 Tue Sep 22 09:59:55 2009
* CRC32 CCSYQ1 CZpbyc
* MD5 AQMP/OwPDt5zszHT/Phec+ AbzlQ8StBvYwoShEjYq1oI
-------------------------------------------------------------------------------
Rule Name: Security Control (/etc/security)
Severity Level: 100
-------------------------------------------------------------------------------
----------------------------------------
Modified Objects: 1
----------------------------------------
Modified object name: /etc/security/ca/new-certs
Property: Expected Observed
------------- ----------- -----------
* Modify Time Thu Sep 10 16:49:48 2009 Mon Nov 16 17:37:20 2009
* Change Time Thu Sep 10 16:49:48 2009 Mon Nov 16 17:37:20 2009
-------------------------------------------------------------------------------
Rule Name: Critical configuration files (/etc/rc.d)
Severity Level: 100
-------------------------------------------------------------------------------
----------------------------------------
Removed Objects: 1
----------------------------------------
Removed object name: /etc/rc.d/rocksconfig.d/post-99-tripwire
----------------------------------------
Modified Objects: 20
----------------------------------------
Modified object name: /etc/rc.d/rc0.d
Property: Expected Observed
------------- ----------- -----------
* Modify Time Fri Sep 11 15:35:50 2009 Thu Sep 17 09:33:01 2009
Modified object name: /etc/rc.d/rc0.d/K50sgemaster.rama
Property: Expected Observed
------------- ----------- -----------
* Modify Time Fri Sep 11 15:35:50 2009 Thu Sep 17 09:33:01 2009
Modified object name: /etc/rc.d/rc1.d
Property: Expected Observed
------------- ----------- -----------
* Modify Time Fri Sep 11 15:35:50 2009 Thu Sep 17 09:33:01 2009
Modified object name: /etc/rc.d/rc1.d/K50sgemaster.rama
Property: Expected Observed
------------- ----------- -----------
* Modify Time Fri Sep 11 15:35:50 2009 Thu Sep 17 09:33:01 2009
Modified object name: /etc/rc.d/rc1.d/K90network
Property: Expected Observed
------------- ----------- -----------
* Modify Time Fri Sep 11 15:35:50 2009 Thu Sep 17 09:33:01 2009
Modified object name: /etc/rc.d/rc2.d
Property: Expected Observed
------------- ----------- -----------
* Modify Time Fri Sep 11 15:35:50 2009 Thu Sep 17 09:33:01 2009
Modified object name: /etc/rc.d/rc2.d/K50sgemaster.rama
Property: Expected Observed
------------- ----------- -----------
* Modify Time Fri Sep 11 15:35:50 2009 Thu Sep 17 09:33:01 2009
Modified object name: /etc/rc.d/rc2.d/S10network
Property: Expected Observed
------------- ----------- -----------
* Modify Time Fri Sep 11 15:35:50 2009 Thu Sep 17 09:33:01 2009
Modified object name: /etc/rc.d/rc3.d
Property: Expected Observed
------------- ----------- -----------
* Modify Time Fri Sep 11 15:35:50 2009 Thu Sep 17 09:33:01 2009
Modified object name: /etc/rc.d/rc3.d/S10network
Property: Expected Observed
------------- ----------- -----------
* Modify Time Fri Sep 11 15:35:50 2009 Thu Sep 17 09:33:01 2009
Modified object name: /etc/rc.d/rc3.d/S50sgemaster.rama
Property: Expected Observed
------------- ----------- -----------
* Inode Number 1240219 1240084
* Modify Time Fri Sep 11 15:35:50 2009 Thu Sep 17 09:33:01 2009
Modified object name: /etc/rc.d/rc4.d
Property: Expected Observed
------------- ----------- -----------
* Modify Time Fri Sep 11 15:35:50 2009 Thu Sep 17 09:33:01 2009
Modified object name: /etc/rc.d/rc4.d/K50sgemaster.rama
Property: Expected Observed
------------- ----------- -----------
* Inode Number 1240250 1240123
* Modify Time Fri Sep 11 15:35:50 2009 Thu Sep 17 09:33:01 2009
Modified object name: /etc/rc.d/rc4.d/S10network
Property: Expected Observed
------------- ----------- -----------
* Modify Time Fri Sep 11 15:35:50 2009 Thu Sep 17 09:33:01 2009
Modified object name: /etc/rc.d/rc5.d
Property: Expected Observed
------------- ----------- -----------
* Modify Time Fri Sep 11 15:35:50 2009 Thu Sep 17 09:33:01 2009
Modified object name: /etc/rc.d/rc5.d/S10network
Property: Expected Observed
------------- ----------- -----------
* Modify Time Fri Sep 11 15:35:50 2009 Thu Sep 17 09:33:01 2009
Modified object name: /etc/rc.d/rc5.d/S50sgemaster.rama
Property: Expected Observed
------------- ----------- -----------
* Inode Number 1240253 1240219
* Modify Time Fri Sep 11 15:35:50 2009 Thu Sep 17 09:33:01 2009
Modified object name: /etc/rc.d/rc6.d
Property: Expected Observed
------------- ----------- -----------
* Modify Time Fri Sep 11 15:35:50 2009 Thu Sep 17 09:33:01 2009
Modified object name: /etc/rc.d/rc6.d/K50sgemaster.rama
Property: Expected Observed
------------- ----------- -----------
* Inode Number 1240269 1240250
* Modify Time Fri Sep 11 15:35:50 2009 Thu Sep 17 09:33:01 2009
Modified object name: /etc/rc.d/rocksconfig.d
Property: Expected Observed
------------- ----------- -----------
* Modify Time Fri Sep 11 15:33:21 2009 Fri Sep 11 15:37:28 2009
-------------------------------------------------------------------------------
Rule Name: Critical configuration files (/etc/sysconfig)
Severity Level: 100
-------------------------------------------------------------------------------
----------------------------------------
Modified Objects: 2
----------------------------------------
Modified object name: /etc/sysconfig
Property: Expected Observed
------------- ----------- -----------
* Modify Time Fri Sep 11 15:33:02 2009 Wed Oct 21 14:49:54 2009
Modified object name: /etc/sysconfig/iptables
Property: Expected Observed
------------- ----------- -----------
* Inode Number 1240053 1239580
* Size 1219 1464
* Modify Time Thu Sep 10 12:51:46 2009 Tue Sep 22 10:09:59 2009
* CRC32 DuXMan CqEmqA
* MD5 Bqr6TMUF+JF7IEZohdMOXh AGYcgd5VewIPNjkQ1wVX7x
-------------------------------------------------------------------------------
Rule Name: Critical configuration files (/etc/group-)
Severity Level: 100
-------------------------------------------------------------------------------
----------------------------------------
Modified Objects: 1
----------------------------------------
Modified object name: /etc/group-
Property: Expected Observed
------------- ----------- -----------
* Size 746 757
* Modify Time Thu Sep 10 16:49:55 2009 Thu Sep 10 16:49:58 2009
* CRC32 AoJyBu CCSYQ1
* MD5 A/M/IXS2GQDtJdUXjACei2 AQMP/OwPDt5zszHT/Phec+
-------------------------------------------------------------------------------
Rule Name: Critical configuration files (/etc/hosts.allow)
Severity Level: 100
-------------------------------------------------------------------------------
----------------------------------------
Modified Objects: 1
----------------------------------------
Modified object name: /etc/hosts.allow
Property: Expected Observed
------------- ----------- -----------
* Inode Number 1237916 1240271
* Size 161 1348
* Modify Time Wed Jan 12 18:18:52 2000 Fri Nov 13 17:08:44 2009
* CRC32 DdErEM Af5y6M
* MD5 Al/XqKnsR5SWDvGYpg9m0i CizLZl5YILNdZFfOJGaabq
-------------------------------------------------------------------------------
Rule Name: Critical configuration files (/etc/hosts.deny)
Severity Level: 100
-------------------------------------------------------------------------------
----------------------------------------
Modified Objects: 1
----------------------------------------
Modified object name: /etc/hosts.deny
Property: Expected Observed
------------- ----------- -----------
* Inode Number 1237917 1240237
* Size 347 428
* Modify Time Wed Jan 12 18:18:52 2000 Tue Sep 22 10:27:16 2009
* CRC32 AL0Sse BPZuk9
* MD5 BwyUOmEBmHF8gn0nNWp57G B9kSPmcsPxM1vveEIzyhXG
-------------------------------------------------------------------------------
Rule Name: Critical configuration files (/etc/motd)
Severity Level: 100
-------------------------------------------------------------------------------
----------------------------------------
Modified Objects: 1
----------------------------------------
Modified object name: /etc/motd
Property: Expected Observed
------------- ----------- -----------
* Inode Number 1238849 1240260
* Size 87 325
* Modify Time Thu Sep 10 12:51:46 2009 Mon Sep 28 10:19:29 2009
* CRC32 B2AE/L Dg/A81
* MD5 D5nT+vYtqH60809cnsZZl+ AJaVseuSkT8kLw8xjSwNak
-------------------------------------------------------------------------------
Rule Name: Critical configuration files (/etc/passwd)
Severity Level: 100
-------------------------------------------------------------------------------
----------------------------------------
Modified Objects: 1
----------------------------------------
Modified object name: /etc/passwd
Property: Expected Observed
------------- ----------- -----------
* Inode Number 1240239 1240269
-------------------------------------------------------------------------------
Rule Name: OS executables and libraries (/bin)
Severity Level: 100
-------------------------------------------------------------------------------
----------------------------------------
Modified Objects: 1
----------------------------------------
Modified object name: /bin
Property: Expected Observed
------------- ----------- -----------
* Modify Time Fri Sep 11 10:15:15 2009 Thu Nov 5 04:03:06 2009
-------------------------------------------------------------------------------
Rule Name: Operating System Utilities (/bin/more)
Severity Level: 100
-------------------------------------------------------------------------------
----------------------------------------
Modified Objects: 1
----------------------------------------
Modified object name: /bin/more
Property: Expected Observed
------------- ----------- -----------
* Inode Number 3355377 3355375
* Change Time Fri Sep 11 10:14:32 2009 Thu Nov 5 04:03:06 2009
* CRC32 AXKQiT DFoois
* MD5 AWHBahDGDykSHkf9AGqUUG Bjlc7lEPjXwTmuNEBRz/GZ
-------------------------------------------------------------------------------
Rule Name: Operating System Utilities (/bin/vi)
Severity Level: 100
-------------------------------------------------------------------------------
----------------------------------------
Modified Objects: 1
----------------------------------------
Modified object name: /bin/vi
Property: Expected Observed
------------- ----------- -----------
* Inode Number 3355375 3355331
* Change Time Fri Sep 11 10:14:48 2009 Thu Nov 5 04:03:06 2009
* CRC32 Cl2BCL Bp+khH
* MD5 AxEY7sYurz/7l1fk97F+RL D6C6Ha2UW32noszJFm1GWe
-------------------------------------------------------------------------------
Rule Name: Shell Binaries (/bin/bash)
Severity Level: 100
-------------------------------------------------------------------------------
----------------------------------------
Modified Objects: 1
----------------------------------------
Modified object name: /bin/bash
Property: Expected Observed
------------- ----------- -----------
* Inode Number 3355414 3355343
* CRC32 B+9zq0 AZX4m4
* MD5 DzyrKH34XNQMbWkrYmKDuS A+dN8MV+sxRLDO8lqa20wr
-------------------------------------------------------------------------------
Rule Name: Shell Binaries (/bin/tcsh)
Severity Level: 100
-------------------------------------------------------------------------------
----------------------------------------
Modified Objects: 1
----------------------------------------
Modified object name: /bin/tcsh
Property: Expected Observed
------------- ----------- -----------
* Inode Number 3355420 3355377
* CRC32 BSbffQ AhCYJ7
* MD5 Bj9mIKBTMJiLw1T+fRaAce Bh+jQdBMBFtx6Fl1xOYsjm
-------------------------------------------------------------------------------
Rule Name: User binaries (/usr/sbin)
Severity Level: 66
-------------------------------------------------------------------------------
----------------------------------------
Modified Objects: 2
----------------------------------------
Modified object name: /usr/sbin
Property: Expected Observed
------------- ----------- -----------
* Modify Time Fri Sep 11 10:15:15 2009 Thu Nov 5 04:03:06 2009
Modified object name: /usr/sbin/lvm
Property: Expected Observed
------------- ----------- -----------
* Inode Number 4477025 4473641
* CRC32 CGAafr A81z/n
* MD5 Czd1izAL4Gsg/XfmxR7u7t AK93vqHhDet0btKCOdzJod
-------------------------------------------------------------------------------
Rule Name: User binaries (/usr/bin)
Severity Level: 66
-------------------------------------------------------------------------------
----------------------------------------
Added Objects: 9
----------------------------------------
Added object name: /usr/bin/x86_64-redhat-linux-c++34
Added object name: /usr/bin/x86_64-redhat-linux-gcc34
Added object name: /usr/bin/gcc34
Added object name: /usr/bin/f77
Added object name: /usr/bin/x86_64-redhat-linux-g++34
Added object name: /usr/bin/gcov34
Added object name: /usr/bin/g77
Added object name: /usr/bin/gnuplot
Added object name: /usr/bin/g++34
----------------------------------------
Modified Objects: 7
----------------------------------------
Modified object name: /usr/bin
Property: Expected Observed
------------- ----------- -----------
* Modify Time Fri Sep 11 15:33:23 2009 Thu Nov 5 04:03:06 2009
Modified object name: /usr/bin/bc
Property: Expected Observed
------------- ----------- -----------
* Inode Number 4491669 4476592
* CRC32 DXL/m5 DvNTPp
* MD5 CsvX/xbZ0gD9GTngOtldOx AciaflE700t6l0imenuhhN
Modified object name: /usr/bin/escputil
Property: Expected Observed
------------- ----------- -----------
* Inode Number 4471482 4476580
* CRC32 AhI4Hl Do8KWb
* MD5 CKoyYDNec5Hi5NE7gkj2wO C4gGJPLjeFb2gGxMGWhf52
Modified object name: /usr/bin/ftp
Property: Expected Observed
------------- ----------- -----------
* Inode Number 4473919 4476643
* CRC32 DWz7yB DmrWUr
* MD5 AE9S/V7+V0iNfu8rVD4uO6 Dsn3lUDX7RVD/5mWD1yzpi
Modified object name: /usr/bin/lftp
Property: Expected Observed
------------- ----------- -----------
* Inode Number 4473641 4471482
* CRC32 D93zNK CcfWqv
* MD5 BsITUJ5bNrJouwR2XduHxh AYTzk5hvh595pFAcT0QhsA
Modified object name: /usr/bin/sqlite3
Property: Expected Observed
------------- ----------- -----------
* Inode Number 4480894 4476590
* CRC32 CVPR9B A7LErx
* MD5 CGzERrRIbK6a3MKAjIrMSu Do7AbumfS17DKjh39wq02O
Modified object name: /usr/bin/xterm
Property: Expected Observed
------------- ----------- -----------
* Inode Number 4476963 4471779
* CRC32 AWg/YN A00DSv
* MD5 Djh1oOon1kZmzEBKi7YTV9 Bqij9k+/48CSebHv03HQNH
-------------------------------------------------------------------------------
Rule Name: Libraries (/usr/lib)
Severity Level: 66
-------------------------------------------------------------------------------
----------------------------------------
Added Objects: 57
----------------------------------------
Added object name: /usr/lib/libstdc++-3-libc6.2-2-2.10.0.so
Added object name: /usr/lib/libstdc++.so.5
Added object name: /usr/lib/libstdc++.so.5.0.7
Added object name: /usr/lib/libstdc++-libc6.2-2.so.3
Added object name: /usr/lib/gcc/x86_64-redhat-linux/3.4.6
Added object name: /usr/lib/gcc/x86_64-redhat-linux/3.4.6/libstdc++.a
Added object name: /usr/lib/gcc/x86_64-redhat-linux/3.4.6/libsupc++.a
Added object name: /usr/lib/gcc/x86_64-redhat-linux/3.4.6/libstdc++.so
Added object name: /usr/lib/gcc/x86_64-redhat-linux/3.4.6/libstdc++_shared.so
Added object name: /usr/lib/gcc/x86_64-redhat-linux/3.4.6/libstdc++_nonshared.a
Added object name: /usr/lib/gcc/x86_64-redhat-linux/3.4.6/crtbeginS.o
Added object name: /usr/lib/gcc/x86_64-redhat-linux/3.4.6/libgcc_eh.a
Added object name: /usr/lib/gcc/x86_64-redhat-linux/3.4.6/crtbegin.o
Added object name: /usr/lib/gcc/x86_64-redhat-linux/3.4.6/32
Added object name: /usr/lib/gcc/x86_64-redhat-linux/3.4.6/32/libstdc++.a
Added object name: /usr/lib/gcc/x86_64-redhat-linux/3.4.6/32/libsupc++.a
Added object name: /usr/lib/gcc/x86_64-redhat-linux/3.4.6/32/libstdc++.so
Added object name: /usr/lib/gcc/x86_64-redhat-linux/3.4.6/32/libstdc++_shared.so
Added object name: /usr/lib/gcc/x86_64-redhat-linux/3.4.6/32/libstdc++_nonshared.a
Added object name: /usr/lib/gcc/x86_64-redhat-linux/3.4.6/32/crtbeginS.o
Added object name: /usr/lib/gcc/x86_64-redhat-linux/3.4.6/32/libgcc_eh.a
Added object name: /usr/lib/gcc/x86_64-redhat-linux/3.4.6/32/crtbegin.o
Added object name: /usr/lib/gcc/x86_64-redhat-linux/3.4.6/32/libfrtbegin.a
Added object name: /usr/lib/gcc/x86_64-redhat-linux/3.4.6/32/libgcc.a
Added object name: /usr/lib/gcc/x86_64-redhat-linux/3.4.6/32/libg2c.so
Added object name: /usr/lib/gcc/x86_64-redhat-linux/3.4.6/32/libg2c.a
Added object name: /usr/lib/gcc/x86_64-redhat-linux/3.4.6/32/crtbeginT.o
Added object name: /usr/lib/gcc/x86_64-redhat-linux/3.4.6/32/libgcov.a
Added object name: /usr/lib/gcc/x86_64-redhat-linux/3.4.6/32/crtendS.o
Added object name: /usr/lib/gcc/x86_64-redhat-linux/3.4.6/32/crtend.o
Added object name: /usr/lib/gcc/x86_64-redhat-linux/3.4.6/libfrtbegin.a
Added object name: /usr/lib/gcc/x86_64-redhat-linux/3.4.6/libgcc.a
Added object name: /usr/lib/gcc/x86_64-redhat-linux/3.4.6/libg2c.so
Added object name: /usr/lib/gcc/x86_64-redhat-linux/3.4.6/libg2c.a
Added object name: /usr/lib/gcc/x86_64-redhat-linux/3.4.6/crtbeginT.o
Added object name: /usr/lib/gcc/x86_64-redhat-linux/3.4.6/libgcov.a
Added object name: /usr/lib/gcc/x86_64-redhat-linux/3.4.6/crtendS.o
Added object name: /usr/lib/gcc/x86_64-redhat-linux/3.4.6/crtend.o
Added object name: /usr/lib/gcc/x86_64-redhat-linux/3.4.6/libgcc_s.so
Added object name: /usr/lib/gcc/x86_64-redhat-linux/3.4.6/specs
Added object name: /usr/lib/gcc/x86_64-redhat-linux/3.4.6/include
Added object name: /usr/lib/gcc/x86_64-redhat-linux/3.4.6/include/xmmintrin.h
Added object name: /usr/lib/gcc/x86_64-redhat-linux/3.4.6/include/unwind.h
Added object name: /usr/lib/gcc/x86_64-redhat-linux/3.4.6/include/stdbool.h
Added object name: /usr/lib/gcc/x86_64-redhat-linux/3.4.6/include/limits.h
Added object name: /usr/lib/gcc/x86_64-redhat-linux/3.4.6/include/README
Added object name: /usr/lib/gcc/x86_64-redhat-linux/3.4.6/include/stddef.h
Added object name: /usr/lib/gcc/x86_64-redhat-linux/3.4.6/include/stdarg.h
Added object name: /usr/lib/gcc/x86_64-redhat-linux/3.4.6/include/g2c.h
Added object name: /usr/lib/gcc/x86_64-redhat-linux/3.4.6/include/syslimits.h
Added object name: /usr/lib/gcc/x86_64-redhat-linux/3.4.6/include/varargs.h
Added object name: /usr/lib/gcc/x86_64-redhat-linux/3.4.6/include/emmintrin.h
Added object name: /usr/lib/gcc/x86_64-redhat-linux/3.4.6/include/float.h
Added object name: /usr/lib/gcc/x86_64-redhat-linux/3.4.6/include/iso646.h
Added object name: /usr/lib/gcc/x86_64-redhat-linux/3.4.6/include/mmintrin.h
Added object name: /usr/lib/gcc/x86_64-redhat-linux/3.4.6/include/pmmintrin.h
Added object name: /usr/lib/gcc/x86_64-redhat-linux/3.4.6/libgcc_s_32.so
----------------------------------------
Modified Objects: 3
----------------------------------------
Modified object name: /usr/lib
Property: Expected Observed
------------- ----------- -----------
* Modify Time Fri Sep 11 15:33:24 2009 Wed Sep 23 10:18:52 2009
Modified object name: /usr/lib/gcc
Property: Expected Observed
------------- ----------- -----------
* Modify Time Thu May 14 13:20:03 2009 Wed Aug 23 05:18:26 2006
Modified object name: /usr/lib/gcc/x86_64-redhat-linux
Property: Expected Observed
------------- ----------- -----------
* Num Links 3 4
* Modify Time Thu Sep 10 16:37:13 2009 Wed Aug 23 05:18:26 2006
-------------------------------------------------------------------------------
Rule Name: System boot changes (/lib/modules)
Severity Level: 100
-------------------------------------------------------------------------------
----------------------------------------
Modified Objects: 11
----------------------------------------
Modified object name: /lib/modules/2.6.18-164.el5/modules.alias
Property: Expected Observed
------------- ----------- -----------
* Inode Number 4237178 4237176
Modified object name: /lib/modules/2.6.18-164.el5/modules.ccwmap
Property: Expected Observed
------------- ----------- -----------
* Inode Number 4237184 4237182
Modified object name: /lib/modules/2.6.18-164.el5/modules.dep
Property: Expected Observed
------------- ----------- -----------
* Inode Number 4237181 4237179
Modified object name: /lib/modules/2.6.18-164.el5/modules.ieee1394map
Property: Expected Observed
------------- ----------- -----------
* Inode Number 4237185 4235101
Modified object name: /lib/modules/2.6.18-164.el5/modules.inputmap
Property: Expected Observed
------------- ----------- -----------
* Inode Number 4237175 4237185
Modified object name: /lib/modules/2.6.18-164.el5/modules.isapnpmap
Property: Expected Observed
------------- ----------- -----------
* Inode Number 4237188 4237184
Modified object name: /lib/modules/2.6.18-164.el5/modules.ofmap
Property: Expected Observed
------------- ----------- -----------
* Inode Number 4237176 4237188
Modified object name: /lib/modules/2.6.18-164.el5/modules.pcimap
Property: Expected Observed
------------- ----------- -----------
* Inode Number 4237182 4237180
Modified object name: /lib/modules/2.6.18-164.el5/modules.seriomap
Property: Expected Observed
------------- ----------- -----------
* Inode Number 4237177 4237175
Modified object name: /lib/modules/2.6.18-164.el5/modules.symbols
Property: Expected Observed
------------- ----------- -----------
* Inode Number 4237179 4237177
Modified object name: /lib/modules/2.6.18-164.el5/modules.usbmap
Property: Expected Observed
------------- ----------- -----------
* Inode Number 4235101 4237181
-------------------------------------------------------------------------------
Rule Name: System boot changes (/dev/log)
Severity Level: 100
-------------------------------------------------------------------------------
----------------------------------------
Modified Objects: 1
----------------------------------------
Modified object name: /dev/log
Property: Expected Observed
------------- ----------- -----------
* Inode Number 6422 1957977
-------------------------------------------------------------------------------
Rule Name: Critical configuration files (/var/lib/nfs/rmtab)
Severity Level: 100
-------------------------------------------------------------------------------
----------------------------------------
Modified Objects: 1
----------------------------------------
Modified object name: /var/lib/nfs/rmtab
Property: Expected Observed
------------- ----------- -----------
* Inode Number 195625 195803
-------------------------------------------------------------------------------
Rule Name: System boot changes (/var/log)
Severity Level: 100
-------------------------------------------------------------------------------
----------------------------------------
Added Objects: 54
----------------------------------------
Added object name: /var/log/httpd/ssl_access_log.3
Added object name: /var/log/httpd/error_log.1
Added object name: /var/log/httpd/error_log.3
Added object name: /var/log/httpd/ssl_error_log.3
Added object name: /var/log/httpd/access_log.4
Added object name: /var/log/httpd/ssl_request_log.3
Added object name: /var/log/httpd/ssl_request_log.2
Added object name: /var/log/httpd/ssl_request_log.1
Added object name: /var/log/httpd/error_log.4
Added object name: /var/log/httpd/ssl_request_log.4
Added object name: /var/log/httpd/ssl_error_log.2
Added object name: /var/log/httpd/ssl_access_log.4
Added object name: /var/log/httpd/ssl_access_log.1
Added object name: /var/log/httpd/access_log.1
Added object name: /var/log/httpd/ssl_error_log.4
Added object name: /var/log/httpd/error_log.2
Added object name: /var/log/httpd/access_log.2
Added object name: /var/log/httpd/ssl_access_log.2
Added object name: /var/log/httpd/access_log.3
Added object name: /var/log/httpd/mod_jk.log.1
Added object name: /var/log/httpd/ssl_error_log.1
Added object name: /var/log/audit/audit.log.3
Added object name: /var/log/audit/audit.log.1
Added object name: /var/log/audit/audit.log.2
Added object name: /var/log/messages.4
Added object name: /var/log/secure.4
Added object name: /var/log/boot.log.1
Added object name: /var/log/maillog.2
Added object name: /var/log/boot.log.3
Added object name: /var/log/rpmpkgs.3
Added object name: /var/log/messages.3
Added object name: /var/log/cron.2
Added object name: /var/log/spooler.4
Added object name: /var/log/maillog.4
Added object name: /var/log/spooler.3
Added object name: /var/log/secure.2
Added object name: /var/log/messages.2
Added object name: /var/log/secure.3
Added object name: /var/log/cron.3
Added object name: /var/log/rpmpkgs.2
Added object name: /var/log/spooler.1
Added object name: /var/log/maillog.1
Added object name: /var/log/cluster_mkl_install.log
Added object name: /var/log/cron.1
Added object name: /var/log/cron.4
Added object name: /var/log/rpmpkgs.4
Added object name: /var/log/maillog.3
Added object name: /var/log/boot.log.2
Added object name: /var/log/yum.log
Added object name: /var/log/secure.1
Added object name: /var/log/rpmpkgs.1
Added object name: /var/log/messages.1
Added object name: /var/log/spooler.2
Added object name: /var/log/boot.log.4
----------------------------------------
Modified Objects: 13
----------------------------------------
Modified object name: /var/log/audit/audit.log
Property: Expected Observed
------------- ----------- -----------
* Inode Number 3453092 3453150
Modified object name: /var/log/boot.log
Property: Expected Observed
------------- ----------- -----------
* Inode Number 3453088 3453170
Modified object name: /var/log/cron
Property: Expected Observed
------------- ----------- -----------
* Inode Number 3453095 3453172
Modified object name: /var/log/httpd/access_log
Property: Expected Observed
------------- ----------- -----------
* Inode Number 3453113 3453114
Modified object name: /var/log/httpd/error_log
Property: Expected Observed
------------- ----------- -----------
* Inode Number 3453111 3453127
Modified object name: /var/log/httpd/mod_jk.log
Property: Expected Observed
------------- ----------- -----------
* Inode Number 3453116 3453174
Modified object name: /var/log/httpd/ssl_access_log
Property: Expected Observed
------------- ----------- -----------
* Inode Number 3453114 3453141
Modified object name: /var/log/httpd/ssl_error_log
Property: Expected Observed
------------- ----------- -----------
* Inode Number 3453112 3453113
Modified object name: /var/log/httpd/ssl_request_log
Property: Expected Observed
------------- ----------- -----------
* Inode Number 3453115 3453145
Modified object name: /var/log/maillog
Property: Expected Observed
------------- ----------- -----------
* Inode Number 3453072 3453111
Modified object name: /var/log/messages
Property: Expected Observed
------------- ----------- -----------
* Inode Number 3453070 3453073
Modified object name: /var/log/secure
Property: Expected Observed
------------- ----------- -----------
* Inode Number 3453071 3453088
Modified object name: /var/log/spooler
Property: Expected Observed
------------- ----------- -----------
* Inode Number 3453073 3453132
-------------------------------------------------------------------------------
Rule Name: System boot changes (/var/run)
Severity Level: 100
-------------------------------------------------------------------------------
----------------------------------------
Added Objects: 1
----------------------------------------
Added object name: /var/run/yum.pid
----------------------------------------
Modified Objects: 1
----------------------------------------
Modified object name: /var/run/httpd.pid
Property: Expected Observed
------------- ----------- -----------
* Inode Number 1400814 1400815
-------------------------------------------------------------------------------
Rule Name: Root config files (/root)
Severity Level: 100
-------------------------------------------------------------------------------
----------------------------------------
Added Objects: 9
----------------------------------------
Added object name: /root/sge_queues
Added object name: /root/sge_queues/mpich.dump
Added object name: /root/sge_queues/q_1.q.txt
Added object name: /root/sge_queues/all.q.txt
Added object name: /root/sge_queues/q_0.q.txt
Added object name: /root/sge_queues/q_2.q.txt
Added object name: /root/20090923_rpm.txt
Added object name: /root/randomize_va_space~
Added object name: /root/.Xauthority
----------------------------------------
Modified Objects: 2
----------------------------------------
Modified object name: /root
Property: Expected Observed
------------- ----------- -----------
* Num Links 4 5
* Change Time Fri Sep 11 12:04:17 2009 Mon Nov 16 17:25:04 2009
Modified object name: /root/.lesshst
Property: Expected Observed
------------- ----------- -----------
* Size 81 181
* Change Time Fri Sep 11 11:02:04 2009 Mon Nov 16 18:41:27 2009
* CRC32 BSuQ6o AhEnNo
* MD5 Bto0/v77t2sXf3uSkl7SEO Bh1FuLJ0chgSRBAUJwhqsR
-------------------------------------------------------------------------------
Rule Name: Root config files (/root/.bashrc)
Severity Level: 100
-------------------------------------------------------------------------------
----------------------------------------
Modified Objects: 1
----------------------------------------
Modified object name: /root/.bashrc
Property: Expected Observed
------------- ----------- -----------
* Inode Number 130310 130329
-------------------------------------------------------------------------------
Rule Name: Root config files (/root/.ssh)
Severity Level: 100
-------------------------------------------------------------------------------
----------------------------------------
Added Objects: 1
----------------------------------------
Added object name: /root/.ssh/known_hosts
-------------------------------------------------------------------------------
Rule Name: Root config files (/root/.ssh/authorized_keys)
Severity Level: 100
-------------------------------------------------------------------------------
----------------------------------------
Modified Objects: 1
----------------------------------------
Modified object name: /root/.ssh/authorized_keys
Property: Expected Observed
------------- ----------- -----------
* Inode Number 130321 130327
===============================================================================
Error Report:
===============================================================================
No Errors
-------------------------------------------------------------------------------
*** End of report ***
Open Source Tripwire 2.4 Portions copyright 2000 Tripwire, Inc. Tripwire is a registered
trademark of Tripwire, Inc. This software comes with ABSOLUTELY NO WARRANTY;
for details use --version. This is free software which may be redistributed
or modified only under certain conditions; see COPYING for details.
All rights reserved.