#
# 'rc' file for tiger.  This file is preprocessed, and thus
# can *only* contain variable assignments and comments.
#
#------------------------------------------------------------------------
#
# Select checks to perform.  Specify 'N' (uppercase) for checks
# you don't want performed.
#
TigerNoBuild=Y			# C files are corrupted (ouch.)
Tiger_Check_PASSWD=Y		# Fast
Tiger_Check_PASSWD_FORMAT=N     # Fast - not needed if on systems with pwck
Tiger_Check_PASSWD_SHADOW=N	# Time varies on # of users
Tiger_Check_PASSWD_NIS=N	# Time varies on # of users
Tiger_Check_GROUP=Y		# Fast
Tiger_Check_ACCOUNTS=Y		# Time varies on # of users
Tiger_Check_RHOSTS=Y		# Time varies on # of users
Tiger_Check_NETRC=Y		# Time varies on # of users
Tiger_Check_ALIASES=Y		# Fast
Tiger_Check_CRON=Y		# Fast
Tiger_Check_ANONFTP=Y		# Fast
Tiger_Check_EXPORTS=Y		# Fast
Tiger_Check_INETD=Y		# Fast
Tiger_Check_SERVICES=Y		# Could be faster, not bad though
Tiger_Check_KNOWN=Y		# Fast
Tiger_Check_PERMS=Y		# Could be faster, not bad though
Tiger_Check_SIGNATURES=Y	# Several minutes
Tiger_Check_FILESYSTEM=Y	# Time varies on disk space... can be hours
Tiger_Check_ROOTDIR=Y           # Fast, only 2 checks
Tiger_Check_ROOT_ACCESS=Y       # Fast
Tiger_Check_PATH=Y		# Fast for just root... varies for all 
Tiger_Check_EMBEDDED=Y		# Several minutes
Tiger_Check_BACKUPS=Y           # Fast
Tiger_Check_LOGFILES=Y          # Fast
Tiger_Check_USERUMASK=Y         # Fast
Tiger_Check_ETCISSUE=N		# Fast, needs to be customised
Tiger_Check_STRICTNW=Y		# Fast - stringent N/W server checks
Tiger_Check_LISTENING=Y		# Fast
Tiger_Check_SYSTEM=Y		# Depends on the specific system checks
Tiger_Check_RUNPROC=N		# Fast, needs to be customized per system
Tiger_Check_DELETED=Y		# Depends on the number of processes on the
				# system
Tiger_Check_APACHE=N		# Fast
Tiger_Check_SSH=Y		# Fast
Tiger_Check_SENDMAIL=N		# Fast
Tiger_Check_PRINTCAP=N		# Fast
Tiger_Check_EXRC=N		# Depends on the size of the filesystem
Tiger_Check_ROOTKIT=Y		# Slow if chkrootkit is available
Tiger_Check_FTPUSERS=Y		# Fast
# OS specific checks
# You can comment them if they are not appropriate to your system but
# they will not run if you are running a different OS
# - Linux specific
Tiger_Check_PATCH=N             # Depends on your network connection
				# (if no timeout is fixed it might stall)
Tiger_Check_SINGLE=Y            # Fast
Tiger_Check_BOOT=Y              # Fast
Tiger_Check_INITTAB=Y           # Fast
Tiger_Check_RCUMASK=Y           # Fast
Tiger_Check_NEVERLOG=Y          # Fast
Tiger_Check_OS=Y                # Fast
# - Linux, HPUX and Solaris specific
Tiger_Check_NETWORKCONFIG=Y     # Fast
# - HPUX specific
Tiger_Check_TRUSTED=Y
# 
# Should reports with no info be sent on cron?
#
Tiger_Cron_SendOKReports=N
#
# How many reports should be kept for each check when run from the
# crontab?
#
TigerCron_Log_Keep_Max=10
#
# Should reports be compared with a template? (if available)
# (Note: takes precedence over previous run check)
#
Tiger_Cron_Template=N
#
# Should reports be compared with previous runs? (if available)
#
Tiger_Cron_CheckPrev=Y
#
# Should messages tagged with INFO be shown?
#
Tiger_Show_INFO_Msgs=N
#
# In order for this to be effective, you should define 'CRACK' in
# a 'site' file.
#
# Note: Disabled for Debian since it (currently) does not work and 
# the 'john' package can be configured to crack the passwords periodicly 
Tiger_Run_CRACK=N               # First time, ages; subsequent fairly quick
#
# Custom Crack binary location (like read-only media),
# this can be a generic location which can be overriden by the site
# configuration file.
#Tiger_CRACK_LOC_OVERRIDE=/mnt/cdrom/crack/Crack
#Tiger_CRACKREPORTER_LOC_OVERRIDE=/mnt/cdrom/crack/Reporter
# This directory needs to be writable for Crack to work
#Tiger_CRACKDIR_LOC_OVERRIDE=/usr/local/crack
#
# Should we use canonical fully qualified domain names
# in the reports?
#
Tiger_Output_FQDN=Y
#
# Integrity checkers:
# Note: 
# - Make sure you don't run more than one integrity checker as it will 
# slow down checking drastically.
# - These checks are disabled since they are provided by the own programs
# when installing most integrity-checking programs (this is the default
# behaviour in Debian, for example)
#
# Run Tripwire file integrity checker
#
Tiger_Run_TRIPW=N		# Slow
#
# Custom Tripwire binary location (like read-only media)
# This can be a generic location which can be overriden by the site
# configuration file.
#Tiger_TRIPW_LOC_OVERRIDE=/mnt/cdrom/tripw/tripwire
#
# Run Aide file integrity checker
Tiger_Run_AIDE=N                # Slow
# Verbose reporting (not implemented yet)
#Tiger_Run_AIDE_VERBOSE=1
#
# The options below are usefull if you use custom settings.
# These can be a generic location which can be overriden by the site
# configuration file.
# Custom Aide location (like read-only media)
#Tiger_AIDE_LOC_OVERRIDE=/mnt/cdrom/aide/aide.bin
# Custom Aide configuration file (say, read-only media)
#Tiger_AIDE_CFG_OVERRIDE=/mnt/cdrom/aide/aide.conf
# Custom database (for instance in read-only media)
#Tiger_AIDE_DB_OVERRIDE=/mnt/cdrom/aide/in.db
#
# I think there are enough hints to best practices like storing
# crucial data ON READ-ONLY MEDIA.
#
# Run Integrit file integrity checker
Tiger_Run_INTEGRIT=N                # Slow
Tiger_INTEGRIT_CFG=/etc/integrit/integrit.conf
#
# Custom Integrit location (like read-only media)
#Tiger_INTEGRIT_LOC_OVERRIDE=/mnt/cdrom/integrit/integrit.bin


# Line size (for formatting of output)... default is 79...
# Specifying '0' means unlimited
#
Tiger_Output_Width=79
#
# Same as above, except used when run via 'tigercron'...
# You should set this once and never change it, 'cause if you
# change it, you'll get lots and lots of new stuff according
# to the scripts (the diff's against previous reports will find
# lots of changes due to the formatting changes).
#
Tiger_CRON_Output_Width=0
#
# Global places to confirm some type of default PATH setting.
# A simple space delimited list
#
Tiger_Global_PATH="/etc/profile /etc/csh.login"
#
# What password aging/constraints to check for.
# A simple space delimited list.
Tiger_Passwd_Constraints="PASS_MIN_DAYS PASS_MAX_DAYS PASS_WARN_AGE PASS_MIN_LEN"
#
# Acceptable password hashes.
# List of password hashes separated by '|'... no whitespaces
Tiger_Passwd_Hashes='crypt3|bigcrypt'
#
# Number of days of non-modified files in the home directory for a user
# to be considered dormant (setting = 0 disables this check)
Tiger_Dormant_Limit=60
#
# What accounts are considered administrative (beyond root)
# (likely to not be used by humans, and therefore have impossible passwords)
# List of usernames separated by '|'... no whitespaces
Tiger_Admin_Accounts='adm|bin|daemon|lp|sys|uucp'
#
# If an embedded pathname refers to an executable file, this executable
# will in turn be checked.  This will continue "recursively" until
# either no new executables are found, or a maximum reference depth
# is reached.  Setting this variable to 0 is equivalent to infinity.
# On a Sun 4/490, SunOS 4.1.2, 6GB disk, an infinite depth check
# took about 30 minutes.  Your milage will vary.
#
# On small memory systems, a large search depth can result in out
# of memory situations for 'sort'... :-(...
#
Tiger_Embed_Max_Depth=3
#
# Only search executables for embedded pathnames.  If this is
# set to 'N', then all regular files will be searched.  Otherwise
# only executable files will be searched.
#
Tiger_Embed_Check_Exec_Only=Y
#
# Check all setuid executables found.  This will cause 'tiger'
# to run longer on many systems, as it will have to wait for the
# file system scans to complete before it can begin checking the
# embedded pathnames.
#
Tiger_Embed_Check_SUID=Y
#
# Only report executables which are writable or not owned by root.  If set
# to 'Y' only the executables will be reported.  Any other value will result
# in regular files and directories being reported as well.
#
# Note that currently, device files are never reported.
#
Tiger_Embed_Report_Exec_Only=Y
#
# Who do you allow to own system files.
# List of usernames separated by '|'... no whitespace
#
Tiger_Embedded_OK_Owners='root|bin|uucp|sys|daemon'
#Tiger_Embedded_OK_Owners=root
#
# What groups can have write access to system files?
# List of group names separated by '|'... no whitespace.
# No value means no groups should have write access.
#
Tiger_Embedded_OK_Group_Write='root|bin|uucp|sys|daemon'
#
# Should all users' PATH variables be checked.  This has the potential
# of being dangerous because of the way it is done.  You might want to
# take a look at check_path and decide for yourself whether the precautions
# are sufficient before enabling this.
#
Tiger_Check_PATHALL=N           # Check all user PATHs in startup files.
#
# Who can own executables in 'root's PATH?
# List of usernames separated by '|'... no whitespace
#
#Tiger_ROOT_PATH_OK_Owners='root|uucp|bin|news|sys|daemon'
# If you are paranoid:
#Tiger_ROOT_PATH_OK_Owners='root'
# If you are running HP-UX
Tiger_ROOT_PATH_OK_Owners='root|uucp|bin|news|sys|daemon|lp'
#
# What groups can have write access to executables in 'root's PATH?
# List of group names separated by '|'... no whitespace.
# No value means no groups should have write access.
#
Tiger_ROOT_PATH_OK_Group_Write='root|uucp|bin|sys|daemon'
#
# Who can own things in other users PATH?
# List of usernames separated by '|'... no whitespace
#
Tiger_PATH_OK_Owners='root|bin|daemon|uucp|sys|adm'
#
# What groups can have write access to executables in non-root user PATH?
# List of group names separated by '|'... no whitespace.
# No value means no groups should have write access.
#
Tiger_PATH_OK_Group_Write=
#
# Should 'tiger' wait for Crack to f                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            