Stealth V. 4.01.10
Frank B. Brokken
Center for Information Technology, University of Groningen
2005-2018
Table of Contents
- 3.0.1: The monitor's user: creating an ssh-key
- 3.0.2: The client's account: accepting ssh from the monitor's user
- 3.0.3: Logging into the account@client account
- 3.0.4: Using the proper shell
- 4.3.1: LABEL commands
- 4.3.2: LOCAL commands
- 4.3.3: REMOTE commands
- 4.3.4: Preventing Controller Denial of Service (--max-size)
- 5.2.1: Rsyslog filtering
- 5.3.1: DEFINE directives
- 5.3.2: USE directives
- 5.3.3: Commands
- 5.3.3.1: Obtaining the client's sha1sum program
- 5.3.3.2: Checking the integrity of the client's sha1sum program
- 5.3.3.3: Checking the client's /usr/bin/find program
- 5.3.3.4: Checking the client's setuid/setgid files
- 5.3.3.5: Checking the configuration files in the client's /etc/ directory
- 5.3.4: The complete `policy' file
- 5.4.1: The mailed report
- 5.4.2: Files under /root/stealth/client
- 5.5.1: All files unaltered
- 5.5.2: Modifications occurred
- 5.5.3: Failing LOCAL commands
- 5.5.4: Skipping (some) integrity checks
- 5.7.1: Status file cleanup
- 5.7.2: Using `logrotate' to control report- and status files