The Samhain Host Integrity Monitoring System | ||
---|---|---|
Prev | Appendix A. List of options for the ./configure script | Next |
These are all client-only options, as the server does not perform any checks (if you want to run checks on the log server host, you need to run a client there as well).
[CLIENT ONLY] Compile in the module to watch for login/logout events.
[CLIENT ONLY] Compile in the module to check for correct mount options.
[CLIENT ONLY] Compile in the module to check for files in user home directories (i.e. with paths relative to $HOME for all users).
[CLIENT ONLY] Compile in the module to check file system for SUID/SGID binaries not in the database.
[CLIENT ONLY] (Linux/FreeBSD/OpenBSD only) Compile in the module to check for runtime kernel modifications (e.g. clobbered kernel syscalls) to detect kernel-level rootkits. SYSTEM_MAP must be the path to the System.map file corresponding to the kernel.