{"id":405,"date":"2017-12-03T08:00:48","date_gmt":"2017-12-02T23:00:48","guid":{"rendered":"https:\/\/www.itc109.com\/knowledge\/?p=405"},"modified":"2023-09-03T04:21:03","modified_gmt":"2023-09-02T19:21:03","slug":"tripwire-setup","status":"publish","type":"post","link":"https:\/\/www.itc109.com\/knowledge\/linux\/tripwire-setup","title":{"rendered":"Tripwire &#8211; Tamper Detection Setup Procedure"},"content":{"rendered":"<h4><strong>Overview<\/strong><\/h4>\n\n\n<div class=\"wp-block-jetpack-markdown\"><p>This page describes how to install the following tools for website tamper detection.<\/p>\n<ul>\n<li>Tripwire : tamper detection<\/li>\n<li>postfix : SMTP relay<\/li>\n<li>AWS SES : SMTP<\/li>\n<li>cron : scheduled execution<\/li>\n<\/ul>\n<\/div>\n\n\n<h4><strong>Installation<\/strong><\/h4>\n<pre highlight=\"6-10\"><\/pre>\n\n\n<div class=\"wp-block-jetpack-markdown\"><p><strong>1. Install tripwire.<\/strong><\/p>\n<\/div>\n\n\n\n<div class=\"hcb_wrap\"><pre class=\"prism line-numbers lang-bash\" data-lang=\"Bash\"><code>yum --enablerepo=epel -y install tripwire<\/code><\/pre><\/div>\n\n\n\n<div class=\"wp-block-jetpack-markdown\"><p>Output<\/p>\n<\/div>\n\n\n\n<div class=\"hcb_wrap\"><pre class=\"prism line-numbers lang-bash\" data-lang=\"Bash\"><code>\u8aad\u307f\u8fbc\u3093\u3060\u30d7\u30e9\u30b0\u30a4\u30f3:priorities, update-motd, upgrade-helper\nepel\/x86_64\/metalink                                     | 3.7 kB     00:00\nepel                                                     | 4.3 kB     00:00\n(1\/3): epel\/x86_64\/group_gz                                | 150 kB   00:00\n(2\/3): epel\/x86_64\/updateinfo                              | 760 kB   00:00\n(3\/3): epel\/x86_64\/primary_db    
                          | 5.9 MB   00:00\n1041 packages excluded due to repository priority protections\n\u4f9d\u5b58\u6027\u306e\u89e3\u6c7a\u3092\u3057\u3066\u3044\u307e\u3059\n--&gt; \u30c8\u30e9\u30f3\u30b6\u30af\u30b7\u30e7\u30f3\u306e\u78ba\u8a8d\u3092\u5b9f\u884c\u3057\u3066\u3044\u307e\u3059\u3002\n---&gt; \u30d1\u30c3\u30b1\u30fc\u30b8 tripwire.x86_64 0:2.4.3.5-1.el6 \u3092 \u30a4\u30f3\u30b9\u30c8\u30fc\u30eb\n--&gt; \u4f9d\u5b58\u6027\u89e3\u6c7a\u3092\u7d42\u4e86\u3057\u307e\u3057\u305f\u3002\n\n\u4f9d\u5b58\u6027\u3092\u89e3\u6c7a\u3057\u307e\u3057\u305f\n\n================================================================================\n Package           \u30a2\u30fc\u30ad\u30c6\u30af\u30c1\u30e3\u30fc\n                                   \u30d0\u30fc\u30b8\u30e7\u30f3               \u30ea\u30dd\u30b8\u30c8\u30ea\u30fc   \u5bb9\u91cf\n================================================================================\n\u30a4\u30f3\u30b9\u30c8\u30fc\u30eb\u4e2d:\n tripwire          x86_64          2.4.3.5-1.el6            epel          1.4 M\n\n\u30c8\u30e9\u30f3\u30b6\u30af\u30b7\u30e7\u30f3\u306e\u8981\u7d04\n================================================================================\n\u30a4\u30f3\u30b9\u30c8\u30fc\u30eb  1 \u30d1\u30c3\u30b1\u30fc\u30b8\n\n\u7dcf\u30c0\u30a6\u30f3\u30ed\u30fc\u30c9\u5bb9\u91cf: 1.4 M\n\u30a4\u30f3\u30b9\u30c8\u30fc\u30eb\u5bb9\u91cf: 4.0 M\nDownloading packages:\n\u8b66\u544a: \/var\/cache\/yum\/x86_64\/latest\/epel\/packages\/tripwire-2.4.3.5-1.el6.x86_64.rpm: \u30d8\u30c3\u30c0\u30fc V3 RSA\/SHA256 Signature\u3001\u9375 ID 0608b895: NOKEY\ntripwire-2.4.3.5-1.el6.x86_64.rpm \u306e\u516c\u958b\u9375\u304c\u30a4\u30f3\u30b9\u30c8\u30fc\u30eb\u3055\u308c\u3066\u3044\u307e\u305b\u3093\ntripwire-2.4.3.5-1.el6.x86_64.rpm                          | 1.4 MB   00:00\nfile:\/\/\/etc\/pki\/rpm-gpg\/RPM-GPG-KEY-EPEL-6 \u304b\u3089\u9375\u3092\u53d6\u5f97\u4e2d\u3067\u3059\u3002\nImporting GPG key 0x0608B895:\n Userid     : 
&quot;EPEL (6) &lt;epel@fedoraproject.org&gt;&quot;\n Fingerprint: 8c3b e96a f230 9184 da5c 0dae 3b49 df2a 0608 b895\n Package    : epel-release-6-8.9.amzn1.noarch (installed)\n From       : \/etc\/pki\/rpm-gpg\/RPM-GPG-KEY-EPEL-6\nRunning transaction check\nRunning transaction test\nTransaction test succeeded\nRunning transaction\n  \u30a4\u30f3\u30b9\u30c8\u30fc\u30eb\u4e2d          : tripwire-2.4.3.5-1.el6.x86_64                   1\/1\n  \u691c\u8a3c\u4e2d                  : tripwire-2.4.3.5-1.el6.x86_64                   1\/1\n\n\u30a4\u30f3\u30b9\u30c8\u30fc\u30eb:\n  tripwire.x86_64 0:2.4.3.5-1.el6\n\n\u5b8c\u4e86\u3057\u307e\u3057\u305f!<\/code><\/pre><\/div>\n\n\n<h4><strong>Configuration<\/strong><\/h4>\n<pre highlight=\"6-10\"><\/pre>\n\n\n<div class=\"wp-block-jetpack-markdown\"><p><strong>1. Set the passphrases<\/strong><br>\nNote: Prepare two passphrases (passwords) in advance.<\/p>\n<\/div>\n\n\n\n<div class=\"hcb_wrap\"><pre class=\"prism line-numbers lang-bash\" data-lang=\"Bash\"><code>tripwire-setup-keyfiles<\/code><\/pre><\/div>\n\n\n\n<div class=\"hcb_wrap\"><pre class=\"prism line-numbers lang-bash\" data-lang=\"Bash\"><code>----------------------------------------------\nThe Tripwire site and local passphrases are used to sign a  variety  of files, such as the configuration, policy, and database files.\n\nPassphrases should be at least 8 characters in length and contain  both letters and numbers.\n\nSee the Tripwire manual for more information.\n\n----------------------------------------------\nCreating key files...\n\n(When selecting a passphrase, keep in mind that good passphrases typically have upper and lower case letters, digits and punctuation marks, and are at least 8 characters in length.)\n\nEnter the site keyfile passphrase:\nVerify the site keyfile 
passphrase:<\/code><\/pre><\/div>\n\n\n\n<div class=\"wp-block-jetpack-markdown\"><p>Set the first passphrase as the &quot;site keyfile passphrase&quot;.<\/p>\n<\/div>\n\n\n\n<div class=\"hcb_wrap\"><pre class=\"prism line-numbers lang-bash\" data-lang=\"Bash\"><code>Generating key (this may take several minutes)...Key generation complete.\n\n(When selecting a passphrase, keep in mind that good passphrases typically have upper and lower case letters, digits and punctuation marks, and are at least 8 characters in length.)\n\nEnter the local keyfile passphrase:\nVerify the local keyfile passphrase:<\/code><\/pre><\/div>\n\n\n\n<div class=\"wp-block-jetpack-markdown\"><p>Set the second passphrase as the &quot;local keyfile passphrase&quot;.<\/p>\n<\/div>\n\n\n\n<div class=\"hcb_wrap\"><pre class=\"prism line-numbers lang-bash\" data-lang=\"Bash\"><code>Generating key (this may take several minutes)...Key generation complete.\n\n----------------------------------------------\nSigning configuration file...\nPlease enter your site passphrase:<\/code><\/pre><\/div>\n\n\n\n<div class=\"wp-block-jetpack-markdown\"><p>Enter the &quot;site passphrase&quot; you set earlier.<\/p>\n<\/div>\n\n\n\n<div class=\"hcb_wrap\"><pre class=\"prism line-numbers lang-bash\" data-lang=\"Bash\"><code>Wrote configuration file: \/etc\/tripwire\/tw.cfg\n\nA clear-text version of the Tripwire configuration file:\n\/etc\/tripwire\/twcfg.txt\nhas been preserved for your inspection.  
It  is  recommended  that  you move this file to a secure location and\/or encrypt it in place (using a tool such as GPG, for example) after you have examined it.\n\n\n----------------------------------------------\nSigning policy file...\nPlease enter your site passphrase:\n\n\nEnter the &quot;site passphrase&quot; you set earlier.\n\nWrote policy file: \/etc\/tripwire\/tw.pol\n\nA clear-text version of the Tripwire policy file:\n\/etc\/tripwire\/twpol.txt\nhas been preserved for  your  inspection.  This  implements  a  minimal policy, intended only to test  essential  Tripwire  functionality.  You should edit the policy file to  describe  your  system,  and  then  use twadmin to generate a new signed copy of the Tripwire policy.\n\nOnce you have a satisfactory Tripwire policy file, you should move  the clear-text version to a secure location  and\/or  encrypt  it  in  place (using a tool such as GPG, for example).\n\nNow run &quot;tripwire --init&quot; to enter Database Initialization Mode.  This reads the policy file, generates a database based on its contents,  and then cryptographically signs the resulting  database.  
Options  can  be entered on the command line to specify which policy, configuration, and key files are used  to  create  the  database.  The  filename  for  the database can be specified as well. If no  options  are  specified,  the default values from the current configuration file are used.<\/code><\/pre><\/div>\n\n\n\n<div class=\"wp-block-jetpack-markdown\"><p><strong>2. Configure the policy file<\/strong><\/p>\n<\/div>\n\n\n\n<div class=\"hcb_wrap\"><pre class=\"prism line-numbers lang-bash\" data-lang=\"Bash\"><code>vi \/etc\/tripwire\/twpol.txt<\/code><\/pre><\/div>\n\n\n\n<div class=\"hcb_wrap\"><pre class=\"prism line-numbers lang-bash\" data-lang=\"Bash\"><code># identifier:   tripwire IDS policy input file\n....omitted\n@@section FS\nSEC_CRIT      = $(IgnoreNone)-SHa ; # Critical files that cannot change\nSEC_SUID      = $(IgnoreNone)-SHa ; # Binaries with the SUID or SGID flags set\nSEC_BIN       = $(ReadOnly) ; # Binaries that should not change\nSEC_CONFIG    = $(Dynamic) ; # Config files that are changed infrequently but accessed often\nSEC_LOG       = $(Growing) ; # Files that grow, but that should never change ownership\nSEC_INVARIANT = +tpug ; # Directories that should never change permission or ownership\nSIG_LOW       = 33 ; # Non-critical files that are of minimal security impact\nSIG_MED       = 66 ; # Non-critical files that are of significant security impact\nSIG_HI        = 100 ; # Critical files that are significant points of vulnerability....\n....rest omitted<\/code><\/pre><\/div>\n\n\n\n<div class=\"wp-block-jetpack-markdown\"><p>Delete everything after the line marked below.<\/p>\n<\/div>\n\n\n\n<div class=\"hcb_wrap\"><pre class=\"prism line-numbers lang-bash\" data-lang=\"Bash\"><code># identifier:   tripwire IDS policy input file\n....omitted\n@@section FS\nSEC_CRIT      = $(IgnoreNone)-SHa ; # Critical files that cannot change\nSEC_SUID      = 
$(IgnoreNone)-SHa ; # Binaries with the SUID or SGID flags set\nSEC_BIN       = $(ReadOnly) ; # Binaries that should not change\nSEC_CONFIG    = $(Dynamic) ; # Config files that are changed infrequently but accessed often\nSEC_LOG       = $(Growing) ; # Files that grow, but that should never change ownership\nSEC_INVARIANT = +tpug ; # Directories that should never change permission or ownership\nSIG_LOW       = 33 ; # Non-critical files that are of minimal security impact\nSIG_MED       = 66 ; # Non-critical files that are of significant security impact\nSIG_HI        = 100 ; # Critical files that are significant points of vulnerability \n\n--delete everything from here on--<\/code><\/pre><\/div>\n\n\n\n<div class=\"wp-block-jetpack-markdown\"><p>Add the following values in place of the deleted lines and save the file.<\/p>\n<\/div>\n\n\n\n<div class=\"hcb_wrap\"><pre class=\"prism line-numbers lang-bash\" data-lang=\"Bash\"><code># identifier:   tripwire IDS policy input file\n....omitted\n@@section FS\nSEC_CRIT      = $(IgnoreNone)-SHa ; # Critical files that cannot change\nSEC_SUID      = $(IgnoreNone)-SHa ; # Binaries with the SUID or SGID flags set\nSEC_BIN       = $(ReadOnly) ; # Binaries that should not change\nSEC_CONFIG    = $(Dynamic) ; # Config files that are changed infrequently but accessed often\nSEC_LOG       = $(Growing) ; # Files that grow, but that should never change ownership\nSEC_INVARIANT = +tpug ; # Directories that should never change permission or ownership\nSIG_LOW       = 33 ; # Non-critical files that are of minimal security impact\nSIG_MED       = 66 ; # Non-critical files that are of significant security impact\nSIG_HI        = 100 ; # Critical files that are significant points of vulnerability \n\n# DocumentRoot\n(\n  rulename = &quot;Web Server DocumentRootCheck&quot;,\n  emailto = &quot;mail@example.com&quot;\n)\n{\n  \/var\/www\/html -&gt; $(SEC_CRIT) 
;\n}<\/code><\/pre><\/div>\n\n\n\n<div class=\"wp-block-jetpack-markdown\"><p><strong>3. Edit the configuration file<\/strong><\/p>\n<\/div>\n\n\n\n<div class=\"hcb_wrap\"><pre class=\"prism line-numbers lang-bash\" data-lang=\"Bash\"><code>vi \/etc\/tripwire\/twcfg.txt<\/code><\/pre><\/div>\n\n\n\n<div class=\"wp-block-jetpack-markdown\"><p>Result<\/p>\n<\/div>\n\n\n\n<div class=\"hcb_wrap\"><pre class=\"prism line-numbers lang-bash\" data-lang=\"Bash\"><code>ROOT                   =\/usr\/sbin\nPOLFILE                =\/etc\/tripwire\/tw.pol\nDBFILE                 =\/var\/lib\/tripwire\/$(HOSTNAME).twd\nREPORTFILE             =\/var\/lib\/tripwire\/report\/$(HOSTNAME)-$(DATE).twr\nSITEKEYFILE            =\/etc\/tripwire\/site.key\nLOCALKEYFILE           =\/etc\/tripwire\/$(HOSTNAME)-local.key\nEDITOR                 =\/bin\/vi\nLATEPROMPTING          =false\nLOOSEDIRECTORYCHECKING =false\nMAILNOVIOLATIONS       =true\nEMAILREPORTLEVEL       =3\nREPORTLEVEL            =3\nMAILMETHOD             =SENDMAIL\nSYSLOGREPORTING        =false\nMAILPROGRAM            =\/usr\/sbin\/sendmail -oi -t<\/code><\/pre><\/div>\n\n\n\n<div class=\"wp-block-jetpack-markdown\"><p>Change or add the following values.<\/p>\n<\/div>\n\n\n\n<div class=\"hcb_wrap\"><pre class=\"prism line-numbers lang-bash\" data-lang=\"Bash\"><code>ROOT                   =\/usr\/sbin\nPOLFILE                =\/etc\/tripwire\/tw.pol\nDBFILE                 =\/var\/lib\/tripwire\/$(HOSTNAME).twd\nREPORTFILE             =\/var\/lib\/tripwire\/report\/$(HOSTNAME)-$(DATE).twr\nSITEKEYFILE            =\/etc\/tripwire\/site.key\nLOCALKEYFILE           =\/etc\/tripwire\/$(HOSTNAME)-local.key\nEDITOR                 =\/bin\/vi\nLATEPROMPTING          =false\nLOOSEDIRECTORYCHECKING =false\nMAILNOVIOLATIONS       =true\nEMAILREPORTLEVEL       =3\nREPORTLEVEL            =3\nMAILMETHOD             
=SMTP\nSYSLOGREPORTING        =false\nMAILPROGRAM            =\/usr\/sbin\/sendmail -oi -t\nMAILFROMADDRESS        =mail@example.com<\/code><\/pre><\/div>\n\n\n\n<div class=\"wp-block-jetpack-markdown\"><p>Line 13: change the value to SMTP.<br>\nLine 16: add the sender email address line.<\/p>\n<\/div>\n\n\n\n<div class=\"wp-block-jetpack-markdown\"><p><strong>4. Encrypt the policy file<\/strong><\/p>\n<\/div>\n\n\n\n<div class=\"hcb_wrap\"><pre class=\"prism line-numbers lang-bash\" data-lang=\"Bash\"><code>twadmin -m P -c \/etc\/tripwire\/tw.cfg -p \/etc\/tripwire\/tw.pol -S \/etc\/tripwire\/site.key \/etc\/tripwire\/twpol.txt<\/code><\/pre><\/div>\n\n\n\n<div class=\"wp-block-jetpack-markdown\"><p>Enter the &quot;site passphrase&quot;.<\/p>\n<\/div>\n\n\n\n<div class=\"hcb_wrap\"><pre class=\"prism line-numbers lang-bash\" data-lang=\"Bash\"><code>Please enter your site passphrase:<\/code><\/pre><\/div>\n\n\n\n<div class=\"wp-block-jetpack-markdown\"><p>Output<\/p>\n<\/div>\n\n\n\n<div class=\"hcb_wrap\"><pre class=\"prism line-numbers lang-bash\" data-lang=\"Bash\"><code>Wrote policy file: \/etc\/tripwire\/tw.pol<\/code><\/pre><\/div>\n\n\n\n<div class=\"wp-block-jetpack-markdown\"><p><strong>5. Encrypt the configuration file<\/strong><\/p>\n<\/div>\n\n\n\n<div class=\"hcb_wrap\"><pre class=\"prism line-numbers lang-bash\" data-lang=\"Bash\"><code>twadmin -m F -c \/etc\/tripwire\/tw.cfg -S \/etc\/tripwire\/site.key \/etc\/tripwire\/twcfg.txt<\/code><\/pre><\/div>\n\n\n\n<div class=\"wp-block-jetpack-markdown\"><p>Enter the &quot;site passphrase&quot;.<\/p>\n<\/div>\n\n\n\n<div class=\"hcb_wrap\"><pre class=\"prism line-numbers lang-bash\" 
data-lang=\"Bash\"><code>Please enter your site passphrase:<\/code><\/pre><\/div>\n\n\n\n<div class=\"wp-block-jetpack-markdown\"><p>Output<\/p>\n<\/div>\n\n\n\n<div class=\"hcb_wrap\"><pre class=\"prism line-numbers lang-bash\" data-lang=\"Bash\"><code>Wrote configuration file: \/etc\/tripwire\/tw.cfg<\/code><\/pre><\/div>\n\n\n\n<div class=\"wp-block-jetpack-markdown\"><p><strong>6. Initialize the database<\/strong><\/p>\n<\/div>\n\n\n\n<div class=\"hcb_wrap\"><pre class=\"prism line-numbers lang-bash\" data-lang=\"Bash\"><code>tripwire --init<\/code><\/pre><\/div>\n\n\n\n<div class=\"wp-block-jetpack-markdown\"><p>Enter the &quot;local passphrase&quot;.<\/p>\n<\/div>\n\n\n\n<div class=\"hcb_wrap\"><pre class=\"prism line-numbers lang-bash\" data-lang=\"Bash\"><code>Please enter your local passphrase:<\/code><\/pre><\/div>\n\n\n\n<div class=\"wp-block-jetpack-markdown\"><p>Output<\/p>\n<\/div>\n\n\n\n<div class=\"hcb_wrap\"><pre class=\"prism line-numbers lang-bash\" data-lang=\"Bash\"><code>Parsing policy file: \/etc\/tripwire\/tw.pol\nGenerating the database...\n*** Processing Unix File System ***\nWrote database file: \/var\/lib\/tripwire\/ip-***-***-***-***.twd\nThe database was successfully generated.<\/code><\/pre><\/div>\n\n\n\n<div class=\"wp-block-jetpack-markdown\"><p><\/p>\n<\/div>\n\n\n<h4><strong>Email Delivery Test<\/strong><\/h4>\n\n\n<div class=\"hcb_wrap\"><pre class=\"prism line-numbers lang-bash\" data-lang=\"Bash\"><code>tripwire --check --email-report<\/code><\/pre><\/div>\n\n\n\n<div class=\"wp-block-jetpack-markdown\"><p>Output<\/p>\n<\/div>\n\n\n\n<div class=\"hcb_wrap\"><pre class=\"prism line-numbers lang-plain\"><code>===============================================================================\nRule 
Summary:\n===============================================================================\n\n-------------------------------------------------------------------------------\n  Section: Unix File System\n-------------------------------------------------------------------------------\n\n  Rule Name                       Severity Level    Added    Removed  Modified\n  ---------                       --------------    -----    -------  --------\n  Web Server DocumentRootCheck    0                 0        0        0\n  (\/var\/www\/html)\n\nTotal objects scanned:  1\nTotal violations found:  0\n\n===============================================================================\nObject Summary:\n===============================================================================\n\n-------------------------------------------------------------------------------\n# Section: Unix File System\n-------------------------------------------------------------------------------\n\nNo violations.\n\n===============================================================================\nError Report:\n===============================================================================\n\nNo Errors<\/code><\/pre><\/div>\n\n\n\n<div class=\"wp-block-jetpack-markdown\"><p>Confirm that the email has been received.<br>\nNote: If it has not been received, check the mail log.<\/p>\n<\/div>\n\n\n\n<div class=\"hcb_wrap\"><pre class=\"prism line-numbers lang-plain\"><code>sudo cat \/var\/log\/maillog<\/code><\/pre><\/div>\n\n\n<h4><strong>Tamper Detection Test<\/strong><\/h4>\n\n\n<div class=\"wp-block-jetpack-markdown\"><p>Create a file to test tamper detection.<\/p>\n<\/div>\n\n\n\n<div class=\"hcb_wrap\"><pre class=\"prism 
line-numbers lang-plain\"><code>touch \/var\/www\/html\/tripwire_test_file<\/code><\/pre><\/div>\n\n\n\n<div class=\"wp-block-jetpack-markdown\"><p>Run the tamper detection check.<\/p>\n<\/div>\n\n\n\n<div class=\"hcb_wrap\"><pre class=\"prism line-numbers lang-plain\"><code>tripwire --check --email-report<\/code><\/pre><\/div>\n\n\n\n<div class=\"wp-block-jetpack-markdown\"><p>Output<\/p>\n<\/div>\n\n\n\n<div class=\"hcb_wrap\"><pre class=\"prism line-numbers lang-plain\"><code>Parsing policy file: \/etc\/tripwire\/tw.pol\n*** Processing Unix File System ***\nPerforming integrity check...\nWrote report file: \/var\/lib\/tripwire\/report\/ip-***-***-***-***-yyyymmdd-hhmmss.twr\n\n\nOpen Source Tripwire(R) 2.4.3.5 Integrity Check Report\n\nReport generated by:          root\nReport created on:            20xx\u5e74xx\u6708xx\u65e5 xx\u6642xx\u5206xx\u79d2\nDatabase last updated on:     Never\n\n===============================================================================\nReport Summary:\n===============================================================================\n\nHost name:                    ip-***-***-***-***\nHost IP address:              ***.***.***.***\nHost ID:                      None\nPolicy file used:             \/etc\/tripwire\/tw.pol\nConfiguration file used:      \/etc\/tripwire\/tw.cfg\nDatabase file used:           \/var\/lib\/tripwire\/ip-***-***-***-***.twd\nCommand line used:            tripwire --check\n\n===============================================================================\nRule Summary:\n===============================================================================\n\n-------------------------------------------------------------------------------\n  Section: Unix File System\n-------------------------------------------------------------------------------\n\n  Rule Name                       Severity Level    Added    Removed  Modified\n  ---------                     
  --------------    -----    -------  --------\n* Web Server DocumentRootCheck    0                 1        0        1\n  (\/var\/www\/html)\n\nTotal objects scanned:  2\nTotal violations found:  2\n\n===============================================================================\nObject Summary:\n===============================================================================\n\n-------------------------------------------------------------------------------\n# Section: Unix File System\n-------------------------------------------------------------------------------\n\n-------------------------------------------------------------------------------\nRule Name: Web Server DocumentRootCheck (\/var\/www\/html)\nSeverity Level: 0\n-------------------------------------------------------------------------------\n\nAdded:\n&quot;\/var\/www\/html\/test.txt&quot;\n\nModified:\n&quot;\/var\/www&quot;<\/code><\/pre><\/div>\n\n\n\n<div class=\"wp-block-jetpack-markdown\"><p>You can confirm that the &quot;Modified&quot; value has increased.<\/p>\n<\/div>\n\n\n<h4><strong>Scheduled Execution Setup<\/strong><\/h4>\n\n\n<div class=\"wp-block-jetpack-markdown\"><p>Set up a schedule so that the check runs daily and the report is sent by email.\nRun the following command.<\/p>\n<\/div>\n\n\n\n<div class=\"hcb_wrap\"><pre class=\"prism line-numbers lang-bash\" data-lang=\"Bash\"><code>vi \/etc\/cron.daily\/tripwire-check<\/code><\/pre><\/div>\n\n\n\n<div class=\"hcb_wrap\"><pre class=\"prism line-numbers lang-bash\" data-lang=\"Bash\"><code>#!\/bin\/sh\nHOST_NAME=`uname -n`\nif [ ! -e \/var\/lib\/tripwire\/${HOST_NAME}.twd ] ; then\n        echo &quot;****    Error: Tripwire database for ${HOST_NAME} not found. 
   ****&quot;\n        echo &quot;**** Run \\&quot;\/etc\/tripwire\/twinstall.sh\\&quot; and\/or \\&quot;tripwire --init\\&quot;. ****&quot;\nelif [ -f \/etc\/tripwire\/tw.cfg ]; then\n        # if GLOBALEMAIL is configured, use it rather than cron mail\n        if [ -n &quot;`\/usr\/sbin\/twadmin -m f | sed -n &#39;s\/^GLOBALEMAIL\\W*=\/\/p&#39;`&quot; ]; then\n                \/usr\/sbin\/tripwire --check --email-report --silent --no-tty-output\n        else\n                \/usr\/sbin\/tripwire --check\n        fi\nfi<\/code><\/pre><\/div>\n\n\n\n<div class=\"wp-block-jetpack-markdown\"><p>Change the script to the following and save it.<\/p>\n<\/div>\n\n\n\n<div class=\"hcb_wrap\"><pre class=\"prism line-numbers lang-bash\" data-lang=\"Bash\"><code>#!\/bin\/sh\nHOST_NAME=`uname -n`\nif [ ! -e \/var\/lib\/tripwire\/${HOST_NAME}.twd ] ; then\n        echo &quot;****    Error: Tripwire database for ${HOST_NAME} not found.    ****&quot;\n        echo &quot;**** Run \\&quot;\/etc\/tripwire\/twinstall.sh\\&quot; and\/or \\&quot;tripwire --init\\&quot;. ****&quot;\nelse\n        test -f \/etc\/tripwire\/tw.cfg && env LANG=C \/usr\/sbin\/tripwire --check --email-report &gt; \/dev\/null\n        if [ $? 
-lt 8 ] ; then\n                # Exit status below 8: the check ran without error, so the database is re-baselined.\n                # The local passphrase is stored in clear text here; keep this file readable by root only.\n                tripwire --init --local-passphrase LOCAL_PASSPHRASE &gt; \/dev\/null\n        fi\nfi<\/code><\/pre><\/div>\n","protected":false},"excerpt":{"rendered":"<p>Overview Installation Configuration Email Delivery Test Tamper Detection Test Scheduled Execution Setup<\/p>\n","protected":false},"author":3,"featured_media":406,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":false,"jetpack_social_options":{"image_generator_settings":{"template":"highway","default_image_id":0,"font":"","enabled":false},"version":2}},"categories":[3,68],"tags":[69],"class_list":["post-405","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-linux","category-security","tag-tripwire"],"jetpack_publicize_connections":[],"jetpack_featured_media_url":"https:\/\/www.itc109.com\/knowledge\/wp-content\/uploads\/sites\/2\/logo-tripwire.png","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/pacZwp-6x","_links":{"self":[{"href":"https:\/\/www.itc109.com\/knowledge\/wp-json\/wp\/v2\/posts\/405","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.itc109.com\/knowledge\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.itc109.com\/knowledge\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.itc109.com\/knowledge\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\
/\/www.itc109.com\/knowledge\/wp-json\/wp\/v2\/comments?post=405"}],"version-history":[{"count":14,"href":"https:\/\/www.itc109.com\/knowledge\/wp-json\/wp\/v2\/posts\/405\/revisions"}],"predecessor-version":[{"id":3176,"href":"https:\/\/www.itc109.com\/knowledge\/wp-json\/wp\/v2\/posts\/405\/revisions\/3176"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.itc109.com\/knowledge\/wp-json\/wp\/v2\/media\/406"}],"wp:attachment":[{"href":"https:\/\/www.itc109.com\/knowledge\/wp-json\/wp\/v2\/media?parent=405"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.itc109.com\/knowledge\/wp-json\/wp\/v2\/categories?post=405"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.itc109.com\/knowledge\/wp-json\/wp\/v2\/tags?post=405"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}