|Lesson 12|| Running automated checks|
|Objective||Describe the cron facility. |
Running Automated Checks in Redhat
Host Security to protect your System from Intruders
Automating the process of security checking is an extremely good idea. It saves you time and effort, and can help to automatically catch problems, even when you forget to check for them manually.
Of course, an attacker can disable your security checks, but it is rare that they will find everything that they need to disable.
crond is a daemon that executes commands at scheduled times.
It is started at boot up and looks for regularly scheduled jobs by scanning
/var/spool/cron every minute. For example, scripts in the directory
/etc/cron.daily are automatically executed every night.
If a script produces any output, that output is automatically mailed to the administrator.
Daemon: A daemon is a program that waits for a request from another program. The daemon then performs the
desired action, such as creating an http session, or opening and maintaining a communications socket. Some common daemons include httpd,
telnetd, and ftpd.
Create a cron file
Create File crond
crond, it is easy to automate security sweeps for sticky files; simply create a file named
with the information shown in the MouseOover below:
Once you have created this script, save it and make an executable by issuing the following:
chmod 0700 /etc/cron.daily/stickyCheck.
This script displays all sticky files whose contents or attributes have been modified within 48 hours. The results of this script will be mailed to
root every night.
The next lesson introduces you to RPM verification.