Return To Message Board
Author Topic:   FCheck v2.07.53 Posted
M. Gumienny posted 11/5/00 5:07 AM    
I've just posted FCheck v2.07.53 with several improvements such as single file monitoring, consolidation of the databases into one, UID/GID, Link counts, and Major/Minor number monitoring for device files.


Please use this forum to provide feedback and suggestions for further improvements towards making FCheck as user friendly, and functional as possible. Also, feel free to pass on any information that you see useful to others that use FCheck. I answer several emails each week pertaining to configuration issues, new users, new platforms, etc. Please refrain from name calling, even if in your opinion, the person asked an obvious question. It may not be obvious to them, so help them out.


Regards to all,

M. Gumienny

FCheck Forum Moderator and Author




[This message has been edited on 11/06/2000]
Chris Ho posted 11/7/00 9:34 AM     Click here to send email to Chris Ho  
Hi,I think there are 2 mistakes (that I canspot) in the install documentation:1)DataBase: --------- Used to convey the full path and filename that FCheck should utilize to store all of its baseline generated files. As pointed out elsewhere in this document the database filename that you use could be any existing directory and filename of your own desire. Database = /usr/local/fcheck/fcheck.dbf # Win32 systems include the drive letter as follows: Database = C:/FCheck/FCheck.dbf The above example would utilize the "/usr/local/fcheck/db" directory for storage of baseline snapshot databases, and "C:/Fcheck/FCheck.dbf" on a DOS system.The first example explanation refers toa .../db directory, which is not correct.2)The number of keywords did not includethe "FILE" type.Keep up the good work!--Chris Ho
M. Gumienny
(Moderator) 		posted 11/14/00 4:08 PM    
Thanks, for the extra eyes. I'll fix the typo next time around. I read this too late to fix it in the 2.7.54 upload.
Mark Delahunty posted 6/15/01 4:50 PM     Click here to send email to Mark Delahunty  
I've just tried fcheck for the first time. It looks very useful. I have a question, if it's a silly newbie question, forgive me: I tried "Directory=/" but this didn't scan subdirectories of /Is there a way to scan all directories? (I would then just exclude specific directories).
M. Gumienny posted 8/30/01 7:46 PM     Click here to send email to M. Gumienny  
It's built that way to protect the user from scanning an entire system. Depending on how loarge the system is, it could be a while before it completes a scan.Fcheck was born on a Unix system, so I tried to make it idiot proof by not looking at the Unix device files.


http://www.geocities.com/fcheck2000
Roy posted 12/5/01 4:47 PM    
Hi, thanks for developing such a program! :) I've this one question tho'.I've configured everything to my UNIX box and it gives me this error - WARNING: [brone.singa.pore.net] /usr/local/fcheck/fcheck.dbf [Sizes: 0 - 1707] even though I've done fcheck -ac and fcheck -a many times over (with no changes to the files) Any idea? :)
Return To Message Board

Back To Intrusion Detection Home Page  | Post New Topic