Tripwire の扱いにも大分慣れてきましたの♪日々、次の投稿のコマンドを使ってチェックしております。
さて、yum で次のパッケージをアップデートいたしました。
- libxml2-2.6.26-2.1.21.el5_9.3.i386
- mysql-libs-5.5.33-1.el5.remi.i386
- mysql-server-5.5.33-1.el5.remi.i386
- mysql-5.5.33-1.el5.remi.i386
本来であれば、ここで Tripwire のベースラインデータベースをアップデートし、他のファイルの不正な改ざんを監視しやするべきなのですけれども、あえてこのまま放っておいて、MySQL をアップデートいたしますと Tripwire のレポートにどのように改ざん検知され、そして表現されるのか、見てみたいと思います。
レポートのメールタイトルを見てみます。
- TWReport oki2a24.com 20130803020041 V:69 S:100 A:2 R:2 C:65
全体で 69 もの違反検知(V:violations)があり、そのうち追加(A:Added)が 2 つ、削除(R:Removed)が 2 つ、変更(C:Modified)が 65 でした。とても多いですね。中身を見てみましょう。
SSH でつないで Tripwire のレポートを覗いてみます♪
Tripwire が検知したファイル一覧を見てみましょう。
ログファイルは MySQL とは無関係ですので省くとしまして、大別して次の場所が変更されています。
- /usr/lib/
- /usr/bin/
- /var/lock/
- /var/run/
- /etc/sysconfig/
- /etc/rc.d/init.d/
改ざん検知に引っかかるものが把握できるという以外に、パッケージをアップデートしましすとどのファイルが更新されるのかがわかって大変興味深いです。普段は yum でばかりインストールしておりますので、ソースから configure そして make すればこのようなファイルの動きもわかるのでありましょうとしみじみ思いました。
=============================================================================== Object Summary: =============================================================================== ------------------------------------------------------------------------------- # Section: Unix File System ------------------------------------------------------------------------------- ------------------------------------------------------------------------------- Rule Name: Libraries (/usr/lib) Severity Level: 66 ------------------------------------------------------------------------------- Modified: "/usr/lib/libxml2.so.2" "/usr/lib/libxml2.so.2.6.26" "/usr/lib/mysql/INFO_BIN" "/usr/lib/mysql/INFO_SRC" "/usr/lib/mysql/libmysqlclient.so.18" "/usr/lib/mysql/libmysqlclient.so.18.0.0" "/usr/lib/mysql/mysql_config" "/usr/lib/mysql/mysqlbug" "/usr/lib/mysql/plugin/adt_null.so" "/usr/lib/mysql/plugin/auth.so" "/usr/lib/mysql/plugin/auth_socket.so" "/usr/lib/mysql/plugin/auth_test_plugin.so" "/usr/lib/mysql/plugin/daemon_example.ini" "/usr/lib/mysql/plugin/libdaemon_example.so" "/usr/lib/mysql/plugin/mypluglib.so" "/usr/lib/mysql/plugin/qa_auth_client.so" "/usr/lib/mysql/plugin/qa_auth_interface.so" "/usr/lib/mysql/plugin/qa_auth_server.so" "/usr/lib/mysql/plugin/semisync_master.so" "/usr/lib/mysql/plugin/semisync_slave.so" ------------------------------------------------------------------------------- Rule Name: User binaries (/usr/bin) Severity Level: 66 ------------------------------------------------------------------------------- Modified: "/usr/bin/innochecksum" "/usr/bin/msql2mysql" "/usr/bin/my_print_defaults" "/usr/bin/myisam_ftdump" "/usr/bin/myisamchk" "/usr/bin/myisamlog" "/usr/bin/myisampack" "/usr/bin/mysql" "/usr/bin/mysql_config" "/usr/bin/mysql_convert_table_format" "/usr/bin/mysql_find_rows" "/usr/bin/mysql_fix_extensions" "/usr/bin/mysql_install_db" "/usr/bin/mysql_plugin" "/usr/bin/mysql_secure_installation" "/usr/bin/mysql_setpermission" "/usr/bin/mysql_tzinfo_to_sql" "/usr/bin/mysql_upgrade" "/usr/bin/mysql_waitpid" "/usr/bin/mysql_zap" "/usr/bin/mysqlaccess" "/usr/bin/mysqladmin" "/usr/bin/mysqlbinlog" "/usr/bin/mysqlbug" "/usr/bin/mysqlcheck" "/usr/bin/mysqld_multi" "/usr/bin/mysqld_safe" "/usr/bin/mysqldump" "/usr/bin/mysqldumpslow" "/usr/bin/mysqlhotcopy" "/usr/bin/mysqlimport" "/usr/bin/mysqlshow" "/usr/bin/mysqlslap" "/usr/bin/mysqltest" "/usr/bin/perror" "/usr/bin/replace" "/usr/bin/resolve_stack_dump" "/usr/bin/resolveip" "/usr/bin/xmlcatalog" "/usr/bin/xmllint" ------------------------------------------------------------------------------- Rule Name: System boot changes (/var/lock/subsys) Severity Level: 100 ------------------------------------------------------------------------------- Modified: "/var/lock/subsys/mysqld" ------------------------------------------------------------------------------- Rule Name: System boot changes (/var/run) Severity Level: 100 ------------------------------------------------------------------------------- Modified: "/var/run/mysqld/mysqld.pid" ------------------------------------------------------------------------------- Rule Name: System boot changes (/var/log) Severity Level: 100 ------------------------------------------------------------------------------- Added: "/var/log/sa/sa03" "/var/log/sa/sar02" Removed: "/var/log/sa/sa25" "/var/log/sa/sar24" Modified: "/var/log/rpmpkgs" ------------------------------------------------------------------------------- Rule Name: Critical configuration files (/etc/sysconfig) Severity Level: 100 ------------------------------------------------------------------------------- Modified: "/etc/sysconfig/mysqld" ------------------------------------------------------------------------------- Rule Name: Critical configuration files (/etc/rc.d/init.d) Severity Level: 100 ------------------------------------------------------------------------------- Modified: "/etc/rc.d/init.d/mysqld"
おわりに。おまけで Tripwire レポート完全版
最後に、レポートの完全版を掲載しておきます。後日 Tripwire のレポートのサンプルが見たい時や、Tripwire をご検討されているどなたかの参考になるかもしれません。
Note: Report is not encrypted.
Tripwire(R) 2.4.1 Integrity Check Report
Report generated by: root
Report created on: 2013年08月03日 02時00分41秒
Database last updated on: 2013年08月02日 20時54分09秒
===============================================================================
Report Summary:
===============================================================================
Host name: oki2a24.com
Host IP address: 127.0.0.1
Host ID: None
Policy file used: /etc/tripwire/tw.pol
Configuration file used: /etc/tripwire/tw.cfg
Database file used: /var/lib/tripwire/oki2a24.com.twd
Command line used: /usr/sbin/tripwire --check --email-report
===============================================================================
Rule Summary:
===============================================================================
-------------------------------------------------------------------------------
Section: Unix File System
-------------------------------------------------------------------------------
Rule Name Severity Level Added Removed Modified
--------- -------------- ----- ------- --------
Invariant Directories 66 0 0 0
Temporary directories 33 0 0 0
Tripwire Data Files 100 0 0 0
* User binaries 66 0 0 40
Tripwire Binaries 100 0 0 0
* Libraries 66 0 0 20
Operating System Utilities 100 0 0 0
File System and Disk Administraton Programs
100 0 0 0
Kernel Administration Programs 100 0 0 0
Networking Programs 100 0 0 0
System Administration Programs 100 0 0 0
Hardware and Device Control Programs
100 0 0 0
System Information Programs 100 0 0 0
Application Information Programs
100 0 0 0
(/sbin/rtmon)
Shell Related Programs 100 0 0 0
Critical Utility Sym-Links 100 0 0 0
Shell Binaries 100 0 0 0
Critical system boot files 100 0 0 0
* System boot changes 100 2 2 3
OS executables and libraries 100 0 0 0
* Critical configuration files 100 0 0 2
Security Control 100 0 0 0
Login Scripts 100 0 0 0
Root config files 100 0 0 0
Total objects scanned: 12600
Total violations found: 69
===============================================================================
Object Summary:
===============================================================================
-------------------------------------------------------------------------------
# Section: Unix File System
-------------------------------------------------------------------------------
-------------------------------------------------------------------------------
Rule Name: Libraries (/usr/lib)
Severity Level: 66
-------------------------------------------------------------------------------
Modified:
"/usr/lib/libxml2.so.2"
"/usr/lib/libxml2.so.2.6.26"
"/usr/lib/mysql/INFO_BIN"
"/usr/lib/mysql/INFO_SRC"
"/usr/lib/mysql/libmysqlclient.so.18"
"/usr/lib/mysql/libmysqlclient.so.18.0.0"
"/usr/lib/mysql/mysql_config"
"/usr/lib/mysql/mysqlbug"
"/usr/lib/mysql/plugin/adt_null.so"
"/usr/lib/mysql/plugin/auth.so"
"/usr/lib/mysql/plugin/auth_socket.so"
"/usr/lib/mysql/plugin/auth_test_plugin.so"
"/usr/lib/mysql/plugin/daemon_example.ini"
"/usr/lib/mysql/plugin/libdaemon_example.so"
"/usr/lib/mysql/plugin/mypluglib.so"
"/usr/lib/mysql/plugin/qa_auth_client.so"
"/usr/lib/mysql/plugin/qa_auth_interface.so"
"/usr/lib/mysql/plugin/qa_auth_server.so"
"/usr/lib/mysql/plugin/semisync_master.so"
"/usr/lib/mysql/plugin/semisync_slave.so"
-------------------------------------------------------------------------------
Rule Name: User binaries (/usr/bin)
Severity Level: 66
-------------------------------------------------------------------------------
Modified:
"/usr/bin/innochecksum"
"/usr/bin/msql2mysql"
"/usr/bin/my_print_defaults"
"/usr/bin/myisam_ftdump"
"/usr/bin/myisamchk"
"/usr/bin/myisamlog"
"/usr/bin/myisampack"
"/usr/bin/mysql"
"/usr/bin/mysql_config"
"/usr/bin/mysql_convert_table_format"
"/usr/bin/mysql_find_rows"
"/usr/bin/mysql_fix_extensions"
"/usr/bin/mysql_install_db"
"/usr/bin/mysql_plugin"
"/usr/bin/mysql_secure_installation"
"/usr/bin/mysql_setpermission"
"/usr/bin/mysql_tzinfo_to_sql"
"/usr/bin/mysql_upgrade"
"/usr/bin/mysql_waitpid"
"/usr/bin/mysql_zap"
"/usr/bin/mysqlaccess"
"/usr/bin/mysqladmin"
"/usr/bin/mysqlbinlog"
"/usr/bin/mysqlbug"
"/usr/bin/mysqlcheck"
"/usr/bin/mysqld_multi"
"/usr/bin/mysqld_safe"
"/usr/bin/mysqldump"
"/usr/bin/mysqldumpslow"
"/usr/bin/mysqlhotcopy"
"/usr/bin/mysqlimport"
"/usr/bin/mysqlshow"
"/usr/bin/mysqlslap"
"/usr/bin/mysqltest"
"/usr/bin/perror"
"/usr/bin/replace"
"/usr/bin/resolve_stack_dump"
"/usr/bin/resolveip"
"/usr/bin/xmlcatalog"
"/usr/bin/xmllint"
-------------------------------------------------------------------------------
Rule Name: System boot changes (/var/lock/subsys)
Severity Level: 100
-------------------------------------------------------------------------------
Modified:
"/var/lock/subsys/mysqld"
-------------------------------------------------------------------------------
Rule Name: System boot changes (/var/run)
Severity Level: 100
-------------------------------------------------------------------------------
Modified:
"/var/run/mysqld/mysqld.pid"
-------------------------------------------------------------------------------
Rule Name: System boot changes (/var/log)
Severity Level: 100
-------------------------------------------------------------------------------
Added:
"/var/log/sa/sa03"
"/var/log/sa/sar02"
Removed:
"/var/log/sa/sa25"
"/var/log/sa/sar24"
Modified:
"/var/log/rpmpkgs"
-------------------------------------------------------------------------------
Rule Name: Critical configuration files (/etc/sysconfig)
Severity Level: 100
-------------------------------------------------------------------------------
Modified:
"/etc/sysconfig/mysqld"
-------------------------------------------------------------------------------
Rule Name: Critical configuration files (/etc/rc.d/init.d)
Severity Level: 100
-------------------------------------------------------------------------------
Modified:
"/etc/rc.d/init.d/mysqld"
===============================================================================
Object Detail:
===============================================================================
-------------------------------------------------------------------------------
Section: Unix File System
-------------------------------------------------------------------------------
-------------------------------------------------------------------------------
Rule Name: Libraries (/usr/lib)
Severity Level: 66
-------------------------------------------------------------------------------
----------------------------------------
Modified Objects: 20
----------------------------------------
Modified object name: /usr/lib/libxml2.so.2
Property: Expected Observed
------------- ----------- -----------
Object Type Symbolic Link Symbolic Link
Device Number 83 83
* Inode Number 190418280 190420601
Mode lrwxrwxrwx lrwxrwxrwx
Num Links 1 1
UID root (0) root (0)
GID root (0) root (0)
Size 17 17
* Modify Time 2013年06月10日 12時20分49秒
2013年08月02日 20時58分42秒
Blocks 0 0
CRC32 CLdy3A CLdy3A
MD5 AJK6DL9Gzy/CU59ceMUAYC AJK6DL9Gzy/CU59ceMUAYC
Modified object name: /usr/lib/libxml2.so.2.6.26
Property: Expected Observed
------------- ----------- -----------
Object Type Regular File Regular File
Device Number 83 83
* Inode Number 190422503 190418280
Mode -rwxr-xr-x -rwxr-xr-x
Num Links 1 1
UID root (0) root (0)
GID root (0) root (0)
Size 1252732 1252732
* Modify Time 2013年03月05日 17時00分16秒
2013年07月31日 18時37分09秒
Blocks 2456 2456
* CRC32 DtoqRe ByJ8Ue
* MD5 BodR9NDl+wcNjhe/cz3n43 BxaSe5FHO/Je0YH4+w6WzS
Modified object name: /usr/lib/mysql/INFO_BIN
Property: Expected Observed
------------- ----------- -----------
Object Type Regular File Regular File
Device Number 83 83
* Inode Number 190420437 190420436
Mode -rw-r--r-- -rw-r--r--
Num Links 1 1
UID root (0) root (0)
GID root (0) root (0)
* Size 2307 2315
* Modify Time 2013年06月04日 21時37分01秒
2013年08月01日 18時44分15秒
Blocks 8 8
* CRC32 DWIt1q AHu+lp
* MD5 AulAXOwjS/+W0nUTMZyfWh BHVm+TuNP5G4BgoTzpUhRM
Modified object name: /usr/lib/mysql/INFO_SRC
Property: Expected Observed
------------- ----------- -----------
Object Type Regular File Regular File
Device Number 83 83
* Inode Number 190425146 190420437
Mode -rw-r--r-- -rw-r--r--
Num Links 1 1
UID root (0) root (0)
GID root (0) root (0)
* Size 213 219
* Modify Time 2013年06月04日 21時37分01秒
2013年08月01日 18時44分15秒
Blocks 8 8
* CRC32 D5MbNB Ahv8A2
* MD5 DvOTDVBTKZqE7PhQ2/mul6 D5GVrgSQHXLpBd2V9k58td
Modified object name: /usr/lib/mysql/libmysqlclient.so.18
Property: Expected Observed
------------- ----------- -----------
Object Type Symbolic Link Symbolic Link
Device Number 83 83
* Inode Number 190419328 190419445
Mode lrwxrwxrwx lrwxrwxrwx
Num Links 1 1
UID root (0) root (0)
GID root (0) root (0)
Size 24 24
* Modify Time 2013年06月10日 23時14分26秒
2013年08月02日 20時58分43秒
Blocks 0 0
CRC32 BZ2lPu BZ2lPu
MD5 AIFXncAi4ENjtbG7PPAXHe AIFXncAi4ENjtbG7PPAXHe
Modified object name: /usr/lib/mysql/libmysqlclient.so.18.0.0
Property: Expected Observed
------------- ----------- -----------
Object Type Regular File Regular File
Device Number 83 83
* Inode Number 190419099 190419328
Mode -rwxr-xr-x -rwxr-xr-x
Num Links 1 1
UID root (0) root (0)
GID root (0) root (0)
* Size 2884124 2884476
* Modify Time 2013年06月04日 21時37分24秒
2013年08月01日 18時44分30秒
Blocks 5648 5648
* CRC32 BfZJrB A848pN
* MD5 CXW2hEtiIS27Kzfn0QSCwu C2jgXARViw/rWZ8qTd7aGL
Modified object name: /usr/lib/mysql/mysql_config
Property: Expected Observed
------------- ----------- -----------
Object Type Regular File Regular File
Device Number 83 83
* Inode Number 190420351 190420350
Mode -rwxr-xr-x -rwxr-xr-x
Num Links 1 1
UID root (0) root (0)
GID root (0) root (0)
Size 7124 7124
* Modify Time 2013年06月04日 21時37分01秒
2013年08月01日 18時44分15秒
Blocks 16 16
* CRC32 AdhJG1 AKFL6M
* MD5 AErms+uccwcflsj2QpCY2B AAfkBpGFigZ7BeVeHKEW0m
Modified object name: /usr/lib/mysql/mysqlbug
Property: Expected Observed
------------- ----------- -----------
Object Type Regular File Regular File
Device Number 83 83
* Inode Number 190425147 190421723
Mode -rwxr-xr-x -rwxr-xr-x
Num Links 1 1
UID root (0) root (0)
GID root (0) root (0)
Size 12094 12094
* Modify Time 2013年06月04日 21時18分47秒
2013年08月01日 18時26分32秒
Blocks 24 24
* CRC32 BRqpYC Bosg9g
* MD5 C6TT5NLQEtenBbhCDuTFnu C23p9gJhQMKT36TQkbYOn5
Modified object name: /usr/lib/mysql/plugin/adt_null.so
Property: Expected Observed
------------- ----------- -----------
Object Type Regular File Regular File
Device Number 83 83
* Inode Number 190425152 190421724
Mode -rwxr-xr-x -rwxr-xr-x
Num Links 1 1
UID root (0) root (0)
GID root (0) root (0)
Size 3580 3580
* Modify Time 2013年06月04日 21時37分24秒
2013年08月01日 18時44分30秒
Blocks 8 8
* CRC32 CrtEWE DQTBNv
* MD5 A9Nm3AUMUCkA9M/WPpSxBH AoagD/wEy1Cgj9p1l1MXwD
Modified object name: /usr/lib/mysql/plugin/auth.so
Property: Expected Observed
------------- ----------- -----------
Object Type Regular File Regular File
Device Number 83 83
* Inode Number 190425153 190421725
Mode -rwxr-xr-x -rwxr-xr-x
Num Links 1 1
UID root (0) root (0)
GID root (0) root (0)
Size 5356 5356
* Modify Time 2013年06月04日 21時37分24秒
2013年08月01日 18時44分30秒
Blocks 16 16
* CRC32 Aciqwi AbUrqf
* MD5 DmrhC2WGqnviEdWtIeuoM+ DqVhPEkz04h6AC9hAkNUG+
Modified object name: /usr/lib/mysql/plugin/auth_socket.so
Property: Expected Observed
------------- ----------- -----------
Object Type Regular File Regular File
Device Number 83 83
* Inode Number 190425154 190421726
Mode -rwxr-xr-x -rwxr-xr-x
Num Links 1 1
UID root (0) root (0)
GID root (0) root (0)
Size 3832 3832
* Modify Time 2013年06月04日 21時37分24秒
2013年08月01日 18時44分30秒
Blocks 8 8
* CRC32 DT11Df BO/94E
* MD5 BDTY/+dAgfIaOKDV6Y9xax CG+KDpTUbmDOxwWP9Rv3DH
Modified object name: /usr/lib/mysql/plugin/auth_test_plugin.so
Property: Expected Observed
------------- ----------- -----------
Object Type Regular File Regular File
Device Number 83 83
* Inode Number 190425155 190421727
Mode -rwxr-xr-x -rwxr-xr-x
Num Links 1 1
UID root (0) root (0)
GID root (0) root (0)
Size 4280 4280
* Modify Time 2013年06月04日 21時37分24秒
2013年08月01日 18時44分30秒
Blocks 16 16
* CRC32 A5WJcc AeiuUq
* MD5 Bv7lZsPQo0PsX7c4ckU2oh DsNAN1hD8AHkQFpoAXVj03
Modified object name: /usr/lib/mysql/plugin/daemon_example.ini
Property: Expected Observed
------------- ----------- -----------
Object Type Regular File Regular File
Device Number 83 83
* Inode Number 190425156 190421728
Mode -rw-r--r-- -rw-r--r--
Num Links 1 1
UID root (0) root (0)
GID root (0) root (0)
Size 227 227
* Modify Time 2013年05月17日 00時47分15秒
2013年07月15日 21時01分50秒
Blocks 8 8
CRC32 AUzh+M AUzh+M
MD5 AGgj6JDciGz2B3ZXT6w4bj AGgj6JDciGz2B3ZXT6w4bj
Modified object name: /usr/lib/mysql/plugin/libdaemon_example.so
Property: Expected Observed
------------- ----------- -----------
Object Type Regular File Regular File
Device Number 83 83
* Inode Number 190425157 190421729
Mode -rwxr-xr-x -rwxr-xr-x
Num Links 1 1
UID root (0) root (0)
GID root (0) root (0)
Size 6100 6100
* Modify Time 2013年06月04日 21時37分24秒
2013年08月01日 18時44分30秒
Blocks 16 16
* CRC32 DN30gu BrO635
* MD5 ANlVA1reKRdz+7S9AvjYcv A7e78uoMlUvfV21rVlLH9i
Modified object name: /usr/lib/mysql/plugin/mypluglib.so
Property: Expected Observed
------------- ----------- -----------
Object Type Regular File Regular File
Device Number 83 83
* Inode Number 190425158 190421730
Mode -rwxr-xr-x -rwxr-xr-x
Num Links 1 1
UID root (0) root (0)
GID root (0) root (0)
Size 4576 4576
* Modify Time 2013年06月04日 21時37分24秒
2013年08月01日 18時44分30秒
Blocks 16 16
* CRC32 A6/1td Da6VSR
* MD5 BCG7SgAN+jqSP4+8JDPY0S BOnXedEXrQnMeF+uXVBBGz
Modified object name: /usr/lib/mysql/plugin/qa_auth_client.so
Property: Expected Observed
------------- ----------- -----------
Object Type Regular File Regular File
Device Number 83 83
* Inode Number 190425159 190421731
Mode -rwxr-xr-x -rwxr-xr-x
Num Links 1 1
UID root (0) root (0)
GID root (0) root (0)
Size 3164 3164
* Modify Time 2013年06月04日 21時37分24秒
2013年08月01日 18時44分30秒
Blocks 8 8
* CRC32 Cmu0L4 CmnEjr
* MD5 DPsIQ9R0Ng9HOT/GmuqFHS D0CwuuObZfxyTMwbGD2BP4
Modified object name: /usr/lib/mysql/plugin/qa_auth_interface.so
Property: Expected Observed
------------- ----------- -----------
Object Type Regular File Regular File
Device Number 83 83
* Inode Number 190425160 190421732
Mode -rwxr-xr-x -rwxr-xr-x
Num Links 1 1
UID root (0) root (0)
GID root (0) root (0)
Size 4652 4652
* Modify Time 2013年06月04日 21時37分24秒
2013年08月01日 18時44分30秒
Blocks 16 16
* CRC32 B5h7xs Cs0e6u
* MD5 BlnnYzrqb/pPu0ScT1HMp3 BeVhBlBCmNIbX7TMiBP/Oe
Modified object name: /usr/lib/mysql/plugin/qa_auth_server.so
Property: Expected Observed
------------- ----------- -----------
Object Type Regular File Regular File
Device Number 83 83
* Inode Number 190425161 190421733
Mode -rwxr-xr-x -rwxr-xr-x
Num Links 1 1
UID root (0) root (0)
GID root (0) root (0)
Size 3416 3416
* Modify Time 2013年06月04日 21時37分24秒
2013年08月01日 18時44分30秒
Blocks 8 8
* CRC32 AxSvFe C5nH8H
* MD5 CpYTpGoY0vmdAm5TGeLqVP DTKLOwwRIFxncvqZa5OJB4
Modified object name: /usr/lib/mysql/plugin/semisync_master.so
Property: Expected Observed
------------- ----------- -----------
Object Type Regular File Regular File
Device Number 83 83
* Inode Number 190425162 190421734
Mode -rwxr-xr-x -rwxr-xr-x
Num Links 1 1
UID root (0) root (0)
GID root (0) root (0)
Size 35396 35396
* Modify Time 2013年06月04日 21時37分24秒
2013年08月01日 18時44分30秒
Blocks 72 72
* CRC32 CxwPV1 BFQJA6
* MD5 De7SB76a5ffwLHPR2ENj3B AgEEd87PCoH3w+UHjBCGYZ
Modified object name: /usr/lib/mysql/plugin/semisync_slave.so
Property: Expected Observed
------------- ----------- -----------
Object Type Regular File Regular File
Device Number 83 83
* Inode Number 190425163 190421735
Mode -rwxr-xr-x -rwxr-xr-x
Num Links 1 1
UID root (0) root (0)
GID root (0) root (0)
Size 10200 10200
* Modify Time 2013年06月04日 21時37分24秒
2013年08月01日 18時44分30秒
Blocks 24 24
* CRC32 B4/Qqs D9FTrd
* MD5 BxBQmhAjY7ZVorTeAPRjXq BDrigrjoQXfXmgJFaK5DVb
-------------------------------------------------------------------------------
Rule Name: User binaries (/usr/bin)
Severity Level: 66
-------------------------------------------------------------------------------
----------------------------------------
Modified Objects: 40
----------------------------------------
Modified object name: /usr/bin/innochecksum
Property: Expected Observed
------------- ----------- -----------
Object Type Regular File Regular File
Device Number 83 83
* Inode Number 190419597 190419512
Mode -rwxr-xr-x -rwxr-xr-x
Num Links 1 1
UID root (0) root (0)
GID root (0) root (0)
Size 7732 7732
* Modify Time 2013年06月04日 21時37分24秒
2013年08月01日 18時44分31秒
Blocks 16 16
* CRC32 Dl3Ino CyDwGu
* MD5 AS1Nsg6zPQNJVa4Fj1pvAD BkTWfskagNnq7HBPIeH3z0
Modified object name: /usr/bin/msql2mysql
Property: Expected Observed
------------- ----------- -----------
Object Type Regular File Regular File
Device Number 83 83
* Inode Number 190422965 190421717
Mode -rwxr-xr-x -rwxr-xr-x
Num Links 1 1
UID root (0) root (0)
GID root (0) root (0)
Size 1412 1412
* Modify Time 2013年06月04日 21時18分47秒
2013年08月01日 18時26分32秒
Blocks 8 8
CRC32 CL6wnN CL6wnN
MD5 BSvNpF81/7QqfgMu6ptWVf BSvNpF81/7QqfgMu6ptWVf
Modified object name: /usr/bin/my_print_defaults
Property: Expected Observed
------------- ----------- -----------
Object Type Regular File Regular File
Device Number 83 83
* Inode Number 190420320 190421719
Mode -rwxr-xr-x -rwxr-xr-x
Num Links 1 1
UID root (0) root (0)
GID root (0) root (0)
* Size 2766488 2766840
* Modify Time 2013年06月04日 21時37分24秒
2013年08月01日 18時44分31秒
Blocks 5416 5416
* CRC32 AHA6pa BnvhPG
* MD5 AmGc5crzOgJe3j4pPMTU45 AKd12BRHReIZvY6xZQSpR1
Modified object name: /usr/bin/myisam_ftdump
Property: Expected Observed
------------- ----------- -----------
Object Type Regular File Regular File
Device Number 83 83
* Inode Number 190420258 190419597
Mode -rwxr-xr-x -rwxr-xr-x
Num Links 1 1
UID root (0) root (0)
GID root (0) root (0)
Size 3060180 3060180
* Modify Time 2013年06月04日 21時37分24秒
2013年08月01日 18時44分31秒
Blocks 5992 5992
* CRC32 AB/0Ez B7/Hfc
* MD5 BZ1bDVbi8vD6IPGp0XZltJ Brp8JnFaXelY9G3ShSSwZG
Modified object name: /usr/bin/myisamchk
Property: Expected Observed
------------- ----------- -----------
Object Type Regular File Regular File
Device Number 83 83
* Inode Number 190420322 190420258
Mode -rwxr-xr-x -rwxr-xr-x
Num Links 1 1
UID root (0) root (0)
GID root (0) root (0)
Size 3186224 3186224
* Modify Time 2013年06月04日 21時37分24秒
2013年08月01日 18時44分31秒
Blocks 6232 6232
* CRC32 CFdNrs DQsAVM
* MD5 DF/0DP36jcl1wBGqF44AmD A5UWFCuAfkvPMfdgZZcDHK
Modified object name: /usr/bin/myisamlog
Property: Expected Observed
------------- ----------- -----------
Object Type Regular File Regular File
Device Number 83 83
* Inode Number 190420323 190420322
Mode -rwxr-xr-x -rwxr-xr-x
Num Links 1 1
UID root (0) root (0)
GID root (0) root (0)
Size 3047184 3047184
* Modify Time 2013年06月04日 21時37分24秒
2013年08月01日 18時44分31秒
Blocks 5960 5960
* CRC32 DtMyo9 AVqcXo
* MD5 AWQB4yedlXMPx17tfteSus CrNPCKpHg/6+werw/hxqXL
Modified object name: /usr/bin/myisampack
Property: Expected Observed
------------- ----------- -----------
Object Type Regular File Regular File
Device Number 83 83
* Inode Number 190420324 190420323
Mode -rwxr-xr-x -rwxr-xr-x
Num Links 1 1
UID root (0) root (0)
GID root (0) root (0)
* Size 3085140 3085268
* Modify Time 2013年06月04日 21時37分24秒
2013年08月01日 18時44分31秒
Blocks 6040 6040
* CRC32 DBJBKh Cd27H0
* MD5 DkytyFvyL0beCPW6OHJB6U Cqp27UbJ8vJ3JqxYPEPR+p
Modified object name: /usr/bin/mysql
Property: Expected Observed
------------- ----------- -----------
Object Type Regular File Regular File
Device Number 83 83
* Inode Number 190420321 190420320
Mode -rwxr-xr-x -rwxr-xr-x
Num Links 1 1
UID root (0) root (0)
GID root (0) root (0)
* Size 3129292 3129324
* Modify Time 2013年06月04日 21時37分24秒
2013年08月01日 18時44分30秒
Blocks 6120 6120
* CRC32 D0VmhV AxXoa2
* MD5 AO3GIVlzTS+BaSoscH7143 Dhhj/txk1B5rbWsak/zdI+
Modified object name: /usr/bin/mysql_config
Property: Expected Observed
------------- ----------- -----------
Object Type Regular File Regular File
Device Number 83 83
* Inode Number 190420326 190420321
Mode -rwxr-xr-x -rwxr-xr-x
Num Links 1 1
UID root (0) root (0)
GID root (0) root (0)
Size 3408 3408
* Modify Time 2013年06月04日 21時37分24秒
2013年08月01日 18時44分30秒
Blocks 8 8
CRC32 D96fos D96fos
MD5 ARWTObRx9d6F6gKvXU0ERv ARWTObRx9d6F6gKvXU0ERv
Modified object name: /usr/bin/mysql_convert_table_format
Property: Expected Observed
------------- ----------- -----------
Object Type Regular File Regular File
Device Number 83 83
* Inode Number 190420325 190420324
Mode -rwxr-xr-x -rwxr-xr-x
Num Links 1 1
UID root (0) root (0)
GID root (0) root (0)
Size 4245 4245
* Modify Time 2013年06月04日 21時18分47秒
2013年08月01日 18時26分32秒
Blocks 16 16
CRC32 Cb+TB1 Cb+TB1
MD5 CFani4YxXgtqlvUOjlr6Vm CFani4YxXgtqlvUOjlr6Vm
Modified object name: /usr/bin/mysql_find_rows
Property: Expected Observed
------------- ----------- -----------
Object Type Regular File Regular File
Device Number 83 83
* Inode Number 190420327 190420326
Mode -rwxr-xr-x -rwxr-xr-x
Num Links 1 1
UID root (0) root (0)
GID root (0) root (0)
Size 3315 3315
* Modify Time 2013年06月04日 21時18分47秒
2013年08月01日 18時26分32秒
Blocks 8 8
CRC32 DNhUaN DNhUaN
MD5 CDiHx6rqkN118KM/eUjPnx CDiHx6rqkN118KM/eUjPnx
Modified object name: /usr/bin/mysql_fix_extensions
Property: Expected Observed
------------- ----------- -----------
Object Type Regular File Regular File
Device Number 83 83
* Inode Number 190420328 190420325
Mode -rwxr-xr-x -rwxr-xr-x
Num Links 1 1
UID root (0) root (0)
GID root (0) root (0)
Size 1261 1261
* Modify Time 2013年06月04日 21時18分47秒
2013年08月01日 18時26分32秒
Blocks 8 8
CRC32 DfDI9b DfDI9b
MD5 D1krSDHpUNrqkXozQ29HBx D1krSDHpUNrqkXozQ29HBx
Modified object name: /usr/bin/mysql_install_db
Property: Expected Observed
------------- ----------- -----------
Object Type Regular File Regular File
Device Number 83 83
* Inode Number 190420330 190420328
Mode -rwxr-xr-x -rwxr-xr-x
Num Links 1 1
UID root (0) root (0)
GID root (0) root (0)
Size 14852 14852
* Modify Time 2013年06月04日 21時18分47秒
2013年08月01日 18時26分32秒
Blocks 32 32
CRC32 CoFxQ9 CoFxQ9
MD5 Ax++wBByst/39iouqYSxUy Ax++wBByst/39iouqYSxUy
Modified object name: /usr/bin/mysql_plugin
Property: Expected Observed
------------- ----------- -----------
Object Type Regular File Regular File
Device Number 83 83
* Inode Number 190420331 190420330
Mode -rwxr-xr-x -rwxr-xr-x
Num Links 1 1
UID root (0) root (0)
GID root (0) root (0)
* Size 2774912 2775200
* Modify Time 2013年06月04日 21時37分24秒
2013年08月01日 18時44分30秒
Blocks 5432 5432
* CRC32 AIU8lf DS5A5/
* MD5 DAtzJpvH3P5wB50WMVjmVU DtoRyvD2FLzBwWKL1NLfJU
Modified object name: /usr/bin/mysql_secure_installation
Property: Expected Observed
------------- ----------- -----------
Object Type Regular File Regular File
Device Number 83 83
* Inode Number 190420332 190420331
Mode -rwxr-xr-x -rwxr-xr-x
Num Links 1 1
UID root (0) root (0)
GID root (0) root (0)
Size 8198 8198
* Modify Time 2013年06月04日 21時18分47秒
2013年08月01日 18時26分32秒
Blocks 24 24
CRC32 BI1p8L BI1p8L
MD5 BgnPfougffwLSZN9L8DQWS BgnPfougffwLSZN9L8DQWS
Modified object name: /usr/bin/mysql_setpermission
Property: Expected Observed
------------- ----------- -----------
Object Type Regular File Regular File
Device Number 83 83
* Inode Number 190420333 190420332
Mode -rwxr-xr-x -rwxr-xr-x
Num Links 1 1
UID root (0) root (0)
GID root (0) root (0)
Size 17473 17473
* Modify Time 2013年06月04日 21時18分47秒
2013年08月01日 18時26分32秒
Blocks 40 40
CRC32 CchtvT CchtvT
MD5 Ah+Uy1ILoVOLX8PICklCOx Ah+Uy1ILoVOLX8PICklCOx
Modified object name: /usr/bin/mysql_tzinfo_to_sql
Property: Expected Observed
------------- ----------- -----------
Object Type Regular File Regular File
Device Number 83 83
* Inode Number 190420334 190420333
Mode -rwxr-xr-x -rwxr-xr-x
Num Links 1 1
UID root (0) root (0)
GID root (0) root (0)
Size 2740540 2740540
* Modify Time 2013年06月04日 21時37分24秒
2013年08月01日 18時44分30秒
Blocks 5368 5368
* CRC32 AS5Cne BzDe5T
* MD5 CAg4AKlVkFWEvaRJJy+4bl AmOrZHTx4vNQSqCRZxQn3U
Modified object name: /usr/bin/mysql_upgrade
Property: Expected Observed
------------- ----------- -----------
Object Type Regular File Regular File
Device Number 83 83
* Inode Number 190420335 190420334
Mode -rwxr-xr-x -rwxr-xr-x
Num Links 1 1
UID root (0) root (0)
GID root (0) root (0)
* Size 2839256 2841912
* Modify Time 2013年06月04日 21時37分24秒
2013年08月01日 18時44分30秒
Blocks 5560 5560
* CRC32 Cl2dbh B+oYK4
* MD5 C3nXQ/2k/Z16RlfPkeaWFr ABpJS5E/gmDQTpnxdAdWpB
Modified object name: /usr/bin/mysql_waitpid
Property: Expected Observed
------------- ----------- -----------
Object Type Regular File Regular File
Device Number 83 83
* Inode Number 190420329 190420327
Mode -rwxr-xr-x -rwxr-xr-x
Num Links 1 1
UID root (0) root (0)
GID root (0) root (0)
Size 2765684 2765684
* Modify Time 2013年06月04日 21時37分24秒
2013年08月01日 18時44分31秒
Blocks 5416 5416
* CRC32 DACvO8 DhUFrb
* MD5 D0TaxgUcBPk09VER8lgJLO D8ZWBAQ8a4ZdRrbmJQWC55
Modified object name: /usr/bin/mysql_zap
Property: Expected Observed
------------- ----------- -----------
Object Type Regular File Regular File
Device Number 83 83
* Inode Number 190420336 190420335
Mode -rwxr-xr-x -rwxr-xr-x
Num Links 1 1
UID root (0) root (0)
GID root (0) root (0)
Size 3888 3888
* Modify Time 2013年06月04日 21時18分47秒
2013年08月01日 18時26分32秒
Blocks 8 8
CRC32 COno5x COno5x
MD5 CQ2WtTTm8OM/tPaSgIJN/7 CQ2WtTTm8OM/tPaSgIJN/7
Modified object name: /usr/bin/mysqlaccess
Property: Expected Observed
------------- ----------- -----------
Object Type Regular File Regular File
Device Number 83 83
* Inode Number 190420337 190420329
Mode -rwxr-xr-x -rwxr-xr-x
Num Links 1 1
UID root (0) root (0)
GID root (0) root (0)
Size 111560 111560
* Modify Time 2013年06月04日 21時18分47秒
2013年08月01日 18時26分32秒
Blocks 232 232
CRC32 ArJZEt ArJZEt
MD5 D3abBPCaVUD0w307GKdODV D3abBPCaVUD0w307GKdODV
Modified object name: /usr/bin/mysqladmin
Property: Expected Observed
------------- ----------- -----------
Object Type Regular File Regular File
Device Number 83 83
* Inode Number 190420339 190420337
Mode -rwxr-xr-x -rwxr-xr-x
Num Links 1 1
UID root (0) root (0)
GID root (0) root (0)
* Size 2885208 2889240
* Modify Time 2013年06月04日 21時37分24秒
2013年08月01日 18時44分30秒
* Blocks 5648 5656
* CRC32 An8P6N AMoom5
* MD5 Ce3g/lc+dMSzb3ZUc59Eg1 C1MFSEMn7+1oHeMJGA1dPg
Modified object name: /usr/bin/mysqlbinlog
Property: Expected Observed
------------- ----------- -----------
Object Type Regular File Regular File
Device Number 83 83
* Inode Number 190420340 190420339
Mode -rwxr-xr-x -rwxr-xr-x
Num Links 1 1
UID root (0) root (0)
GID root (0) root (0)
Size 3013400 3013400
* Modify Time 2013年06月04日 21時37分24秒
2013年08月01日 18時44分30秒
Blocks 5896 5896
* CRC32 Cdqst2 DeTyYc
* MD5 AjDPpN7g3ULClWyfVQztZq DoYD5x3GTsyzv6shTr9ulh
Modified object name: /usr/bin/mysqlbug
Property: Expected Observed
------------- ----------- -----------
Object Type Regular File Regular File
Device Number 83 83
* Inode Number 190420338 190420336
Mode -rwxr-xr-x -rwxr-xr-x
Num Links 1 1
UID root (0) root (0)
GID root (0) root (0)
Size 3404 3404
* Modify Time 2013年06月04日 21時37分24秒
2013年08月01日 18時44分30秒
Blocks 8 8
CRC32 AKvsTl AKvsTl
MD5 C5y6nVTgsTjhoSEUjLNHSW C5y6nVTgsTjhoSEUjLNHSW
Modified object name: /usr/bin/mysqlcheck
Property: Expected Observed
------------- ----------- -----------
Object Type Regular File Regular File
Device Number 83 83
* Inode Number 190420341 190420340
Mode -rwxr-xr-x -rwxr-xr-x
Num Links 1 1
UID root (0) root (0)
GID root (0) root (0)
* Size 2882168 2882488
* Modify Time 2013年06月04日 21時37分24秒
2013年08月01日 18時44分30秒
Blocks 5640 5640
* CRC32 BPAqgX AWclaD
* MD5 BwmFh9QdcMLCIK0Zc4GRiv CRPIFtYkJWPVYxFtbaEQuC
Modified object name: /usr/bin/mysqld_multi
Property: Expected Observed
------------- ----------- -----------
Object Type Regular File Regular File
Device Number 83 83
* Inode Number 190420342 190420338
Mode -rwxr-xr-x -rwxr-xr-x
Num Links 1 1
UID root (0) root (0)
GID root (0) root (0)
Size 23759 23759
* Modify Time 2013年06月04日 21時18分47秒
2013年08月01日 18時26分32秒
Blocks 48 48
CRC32 CQUqWp CQUqWp
MD5 AwfLtXOUdyGOOVIdwzybfm AwfLtXOUdyGOOVIdwzybfm
Modified object name: /usr/bin/mysqld_safe
Property: Expected Observed
------------- ----------- -----------
Object Type Regular File Regular File
Device Number 83 83
* Inode Number 190420344 190420342
Mode -rwxr-xr-x -rwxr-xr-x
Num Links 1 1
UID root (0) root (0)
GID root (0) root (0)
Size 24630 24630
* Modify Time 2013年06月04日 21時18分47秒
2013年08月01日 18時26分32秒
Blocks 56 56
CRC32 DYBKDr DYBKDr
MD5 DHNs5ycTPJK5aW0iwPjusU DHNs5ycTPJK5aW0iwPjusU
Modified object name: /usr/bin/mysqldump
Property: Expected Observed
------------- ----------- -----------
Object Type Regular File Regular File
Device Number 83 83
* Inode Number 190420343 190420341
Mode -rwxr-xr-x -rwxr-xr-x
Num Links 1 1
UID root (0) root (0)
GID root (0) root (0)
* Size 2946132 2946356
* Modify Time 2013年06月04日 21時37分24秒
2013年08月01日 18時44分30秒
Blocks 5768 5768
* CRC32 CkGEd2 C2FsXg
* MD5 CMqTsZtjcePlgwMIMFWCch AW4Ig4/EWlb/kcCzq3SuB2
Modified object name: /usr/bin/mysqldumpslow
Property: Expected Observed
------------- ----------- -----------
Object Type Regular File Regular File
Device Number 83 83
* Inode Number 190426698 190421721
Mode -rwxr-xr-x -rwxr-xr-x
Num Links 1 1
UID root (0) root (0)
GID root (0) root (0)
Size 7402 7402
* Modify Time 2013年06月04日 21時18分47秒
2013年08月01日 18時26分32秒
Blocks 16 16
CRC32 BvcbLf BvcbLf
MD5 DFxXraIaQTaVYQrx3lgOON DFxXraIaQTaVYQrx3lgOON
Modified object name: /usr/bin/mysqlhotcopy
Property: Expected Observed
------------- ----------- -----------
Object Type Regular File Regular File
Device Number 83 83
* Inode Number 190420347 190421722
Mode -rwxr-xr-x -rwxr-xr-x
Num Links 1 1
UID root (0) root (0)
GID root (0) root (0)
Size 34852 34852
* Modify Time 2013年06月04日 21時18分47秒
2013年08月01日 18時26分32秒
Blocks 72 72
CRC32 B85M1U B85M1U
MD5 COb15O7y5u0OhdB1wj/bXw COb15O7y5u0OhdB1wj/bXw
Modified object name: /usr/bin/mysqlimport
Property: Expected Observed
------------- ----------- -----------
Object Type Regular File Regular File
Device Number 83 83
* Inode Number 190420346 190420343
Mode -rwxr-xr-x -rwxr-xr-x
Num Links 1 1
UID root (0) root (0)
GID root (0) root (0)
* Size 2877528 2877848
* Modify Time 2013年06月04日 21時37分24秒
2013年08月01日 18時44分30秒
Blocks 5632 5632
* CRC32 BZpAA4 CSZ/bQ
* MD5 AsdPNDgRScAmkDzz9IgZQf CMKOf/fuSj4nvqx7pX0ZSW
Modified object name: /usr/bin/mysqlshow
Property: Expected Observed
------------- ----------- -----------
Object Type Regular File Regular File
Device Number 83 83
* Inode Number 190420349 190420346
Mode -rwxr-xr-x -rwxr-xr-x
Num Links 1 1
UID root (0) root (0)
GID root (0) root (0)
Size 2880436 2880436
* Modify Time 2013年06月04日 21時37分24秒
2013年08月01日 18時44分30秒
Blocks 5640 5640
* CRC32 Bdairg BKlb9Z
* MD5 DGAZqInW1EKCp3SVnsdlMs Bckvo3ovV6QJSbz2tOjdOW
Modified object name: /usr/bin/mysqlslap
Property: Expected Observed
------------- ----------- -----------
Object Type Regular File Regular File
Device Number 83 83
* Inode Number 190420350 190420349
Mode -rwxr-xr-x -rwxr-xr-x
Num Links 1 1
UID root (0) root (0)
GID root (0) root (0)
* Size 2896340 2896692
* Modify Time 2013年06月04日 21時37分24秒
2013年08月01日 18時44分30秒
Blocks 5672 5672
* CRC32 DojaGG DWUBve
* MD5 CxGaBHyMdbqiWM2oyK3ETn Dvf0xulL9HfnWFltYfUDLr
Modified object name: /usr/bin/mysqltest
Property: Expected Observed
------------- ----------- -----------
Object Type Regular File Regular File
Device Number 83 83
* Inode Number 190420348 190420347
Mode -rwxr-xr-x -rwxr-xr-x
Num Links 1 1
UID root (0) root (0)
GID root (0) root (0)
Size 3078028 3078028
* Modify Time 2013年06月04日 21時37分24秒
2013年08月01日 18時44分30秒
Blocks 6024 6024
* CRC32 ALp5UC C8pQNN
* MD5 C6msDhYfRqc5mqY/JdW+F4 BCjh3JvGD3dTUN0Kw003EE
Modified object name: /usr/bin/perror
Property: Expected Observed
------------- ----------- -----------
Object Type Regular File Regular File
Device Number 83 83
* Inode Number 190420352 190420348
Mode -rwxr-xr-x -rwxr-xr-x
Num Links 1 1
UID root (0) root (0)
GID root (0) root (0)
Size 2844592 2844592
* Modify Time 2013年06月04日 21時37分24秒
2013年08月01日 18時44分31秒
Blocks 5568 5568
* CRC32 DLRpGe AJ3tvw
* MD5 BKkL4KcOMdCpqoQTNh6Mv2 CfUhZvgYYkdKs3435uwDW1
Modified object name: /usr/bin/replace
Property: Expected Observed
------------- ----------- -----------
Object Type Regular File Regular File
Device Number 83 83
* Inode Number 190420382 190420352
Mode -rwxr-xr-x -rwxr-xr-x
Num Links 1 1
UID root (0) root (0)
GID root (0) root (0)
Size 2750288 2750288
* Modify Time 2013年06月04日 21時37分24秒
2013年08月01日 18時44分31秒
Blocks 5384 5384
* CRC32 CWwLHD B89Gas
* MD5 DBCxt9YnC8wg02UblEPAk/ Dsjmtx8BQhgsxZjWj/EX0h
Modified object name: /usr/bin/resolve_stack_dump
Property: Expected Observed
------------- ----------- -----------
Object Type Regular File Regular File
Device Number 83 83
* Inode Number 190420434 190420382
Mode -rwxr-xr-x -rwxr-xr-x
Num Links 1 1
UID root (0) root (0)
GID root (0) root (0)
Size 2769756 2769756
* Modify Time 2013年06月04日 21時37分24秒
2013年08月01日 18時44分31秒
Blocks 5424 5424
* CRC32 Cjd8dR BXgH7F
* MD5 AK3gfNosylLxC/tzJCLfXt AqjS1RVAYWMuuSkPNBL2DQ
Modified object name: /usr/bin/resolveip
Property: Expected Observed
------------- ----------- -----------
Object Type Regular File Regular File
Device Number 83 83
* Inode Number 190420436 190420434
Mode -rwxr-xr-x -rwxr-xr-x
Num Links 1 1
UID root (0) root (0)
GID root (0) root (0)
* Size 2765648 2765904
* Modify Time 2013年06月04日 21時37分24秒
2013年08月01日 18時44分31秒
Blocks 5416 5416
* CRC32 A8qbVv Bt/33i
* MD5 B54PZHP/2dR8gddgtPaTWj DuXrh+Qgv8tM1IQHxdJzl9
Modified object name: /usr/bin/xmlcatalog
Property: Expected Observed
------------- ----------- -----------
Object Type Regular File Regular File
Device Number 83 83
* Inode Number 190420601 190417567
Mode -rwxr-xr-x -rwxr-xr-x
Num Links 1 1
UID root (0) root (0)
GID root (0) root (0)
Size 12500 12500
* Modify Time 2013年03月05日 17時00分16秒
2013年07月31日 18時37分09秒
Blocks 32 32
* CRC32 Dhx79c CQ62/l
* MD5 B8gFJwiV6UxrsSG0Nic7Rd Dlqc2qHqQ7mYdhWJMrK3Uy
Modified object name: /usr/bin/xmllint
Property: Expected Observed
------------- ----------- -----------
Object Type Regular File Regular File
Device Number 83 83
* Inode Number 190420602 190419429
Mode -rwxr-xr-x -rwxr-xr-x
Num Links 1 1
UID root (0) root (0)
GID root (0) root (0)
Size 51916 51916
* Modify Time 2013年03月05日 17時00分16秒
2013年07月31日 18時37分09秒
Blocks 112 112
* CRC32 D8cWAd DpAqjP
* MD5 DSvUFF0119TX/8HD1oxsfL DZbCM/z15LBc/z99iRm5Ta
-------------------------------------------------------------------------------
Rule Name: System boot changes (/var/lock/subsys)
Severity Level: 100
-------------------------------------------------------------------------------
----------------------------------------
Modified Objects: 1
----------------------------------------
Modified object name: /var/lock/subsys/mysqld
Property: Expected Observed
------------- ----------- -----------
Object Type Regular File Regular File
Device Number 83 83
* Inode Number 191540813 191536119
Mode -rw-r--r-- -rw-r--r--
Num Links 1 1
UID root (0) root (0)
GID root (0) root (0)
-------------------------------------------------------------------------------
Rule Name: System boot changes (/var/run)
Severity Level: 100
-------------------------------------------------------------------------------
----------------------------------------
Modified Objects: 1
----------------------------------------
Modified object name: /var/run/mysqld/mysqld.pid
Property: Expected Observed
------------- ----------- -----------
Object Type Regular File Regular File
Device Number 83 83
* Inode Number 191540812 191536117
Mode -rw-rw---- -rw-rw----
Num Links 1 1
UID mysql (27) mysql (27)
GID mysql (27) mysql (27)
-------------------------------------------------------------------------------
Rule Name: System boot changes (/var/log)
Severity Level: 100
-------------------------------------------------------------------------------
----------------------------------------
Added Objects: 2
----------------------------------------
Added object name: /var/log/sa/sa03
Property: Expected Observed
------------- ----------- -----------
* Object Type --- Regular File
* Device Number --- 83
* Inode Number --- 191529620
* Mode --- -rw-r--r--
* Num Links --- 1
* UID --- root (0)
* GID --- root (0)
Added object name: /var/log/sa/sar02
Property: Expected Observed
------------- ----------- -----------
* Object Type --- Regular File
* Device Number --- 83
* Inode Number --- 191529619
* Mode --- -rw-r--r--
* Num Links --- 1
* UID --- root (0)
* GID --- root (0)
----------------------------------------
Removed Objects: 2
----------------------------------------
Removed object name: /var/log/sa/sa25
Property: Expected Observed
------------- ----------- -----------
* Object Type Regular File ---
* Device Number 83 ---
* Inode Number 191529649 ---
* Mode -rw-r--r-- ---
* Num Links 1 ---
* UID root (0) ---
* GID root (0) ---
Removed object name: /var/log/sa/sar24
Property: Expected Observed
------------- ----------- -----------
* Object Type Regular File ---
* Device Number 83 ---
* Inode Number 191529658 ---
* Mode -rw-r--r-- ---
* Num Links 1 ---
* UID root (0) ---
* GID root (0) ---
----------------------------------------
Modified Objects: 1
----------------------------------------
Modified object name: /var/log/rpmpkgs
Property: Expected Observed
------------- ----------- -----------
Object Type Regular File Regular File
Device Number 83 83
* Inode Number 191529670 191529649
Mode -rw-r--r-- -rw-r--r--
Num Links 1 1
UID root (0) root (0)
GID root (0) root (0)
-------------------------------------------------------------------------------
Rule Name: Critical configuration files (/etc/sysconfig)
Severity Level: 100
-------------------------------------------------------------------------------
----------------------------------------
Modified Objects: 1
----------------------------------------
Modified object name: /etc/sysconfig/mysqld
Property: Expected Observed
------------- ----------- -----------
Object Type Regular File Regular File
Device Number 83 83
* Inode Number 190419512 190419333
Mode -rw-r--r-- -rw-r--r--
Num Links 1 1
UID root (0) root (0)
GID root (0) root (0)
Size 224 224
* Modify Time 2013年06月04日 21時37分01秒
2013年08月01日 18時44分15秒
Blocks 8 8
CRC32 CF/Nrb CF/Nrb
MD5 BoYd2KAWd5Q0MNZPy+2IAZ BoYd2KAWd5Q0MNZPy+2IAZ
-------------------------------------------------------------------------------
Rule Name: Critical configuration files (/etc/rc.d/init.d)
Severity Level: 100
-------------------------------------------------------------------------------
----------------------------------------
Modified Objects: 1
----------------------------------------
Modified object name: /etc/rc.d/init.d/mysqld
Property: Expected Observed
------------- ----------- -----------
Object Type Regular File Regular File
Device Number 83 83
* Inode Number 190419333 190421720
Mode -rwxr-xr-x -rwxr-xr-x
Num Links 1 1
UID root (0) root (0)
GID root (0) root (0)
Size 6305 6305
* Modify Time 2013年06月04日 21時37分01秒
2013年08月01日 18時44分15秒
Blocks 16 16
CRC32 A8CcwK A8CcwK
MD5 BvXLW8W1EXGmyFnCCaRoLi BvXLW8W1EXGmyFnCCaRoLi
===============================================================================
Error Report:
===============================================================================
No Errors
-------------------------------------------------------------------------------
*** End of report ***
Tripwire 2.4 Portions copyright 2000 Tripwire, Inc. Tripwire is a registered
trademark of Tripwire, Inc. This software comes with ABSOLUTELY NO WARRANTY;
for details use --version. This is free software which may be redistributed
or modified only under certain conditions; see COPYING for details.
All rights reserved.
以上です。