src/rootcheck/rootcheck.conf

   1 <rootcheck>
   2   <daemon>no</daemon>
   3   <notify>syslog</notify>
   4   <rootkit_files>./db/rootkit_files.txt</rootkit_files>
   5   <rootkit_trojans>./db/rootkit_trojans.txt</rootkit_trojans>
   6
   7   <system_audit>./db/system_audit_rcl.txt</system_audit>
   8   <system_audit>./db/cis_debian_linux_rcl.txt</system_audit>
   9   <system_audit>./db/cis_rhel_linux_rcl.txt</system_audit>
  10   <system_audit>./db/cis_rhel5_linux_rcl.txt</system_audit>
  11   <windows_audit>./shared/win_audit_rcl.txt</windows_audit>
  12   <windows_apps>./shared/win_applications_rcl.txt</windows_apps>
  13   <windows_malware>./shared/win_malware_rcl.txt</windows_malware>
  14
  15   <check_files>yes</check_files>
  16   <check_trojans>yes</check_trojans>
  17
  18   <check_unixaudit>yes</check_unixaudit>
  19   <check_winapps>yes</check_winapps>
  20   <check_winaudit>yes</check_winaudit>
  21   <check_winmalware>yes</check_winmalware>
  22
  23   <check_dev>yes</check_dev>
  24   <check_sys>yes</check_sys>
  25   <check_pids>yes</check_pids>
  26   <check_ports>yes</check_ports>
  27   <check_if>yes</check_if>
  28 </rootcheck>