X-Git-Url: http://ftp.carnet.hr/carnet-debian/scm?p=ossec-hids.git;a=blobdiff_plain;f=src%2Frootcheck%2Frootcheck.h;h=ca9b279de5b95693945b48dd0e308e57e05d12fc;hp=3d9af730947e12c07888af54fa97654b1af488e1;hb=6ef2f786c6c8ead94841b5f93baf9f43421f08c8;hpb=301048b51990573e58a30dc4a5bb4ec285cad554
diff --git a/src/rootcheck/rootcheck.h b/src/rootcheck/rootcheck.h
index 3d9af73..ca9b279 100755
--- a/src/rootcheck/rootcheck.h
+++ b/src/rootcheck/rootcheck.h
@@ -1,4 +1,5 @@ -/* @(#) $Id$ */ +/* @(#) $Id: ./src/rootcheck/rootcheck.h, 2011/09/08 dcid Exp $ + */ /* Copyright (C) 2009 Trend Micro Inc. * All right reserved.
@@ -8,7 +9,7 @@ * License (version 2) as published by the FSF - Free Software * Foundation */ - + #ifndef __ROOTCHECK_H #define __ROOTCHECK_H
@@ -28,7 +29,7 @@ rkconfig rootcheck; /* rk_types */ #define ALERT_OK 0 -#define ALERT_SYSTEM_ERROR 1 +#define ALERT_SYSTEM_ERROR 1 #define ALERT_SYSTEM_CRIT 2 #define ALERT_ROOTKIT_FOUND 3 #define ALERT_POLICY_VIOLATION 4
@@ -51,11 +52,11 @@ int rk_check_file(char *file, char *pattern); /* int rk_check_dir(char *dir, char *file, char *pattern) */ int rk_check_dir(char *dir, char *file, char *pattern); - + /* pt_matches: Checks if pattern is present on string */ int pt_matches(char *str, char *pattern); -/* pt_check_negate: checks if the patterns is made up +/* pt_check_negate: checks if the patterns is made up * completely of negate matches */ int pt_check_negate(char *pattern);
@@ -67,37 +68,37 @@ int is_registry(char *entry_name, char *reg_option, char *reg_value); /* int rkcl_get_entry: Reads cl configuration file. */ int rkcl_get_entry(FILE *fp, char *msg, void *p_list); - + /** char *normalize_string * Normalizes a string, removing white spaces and tabs * from the begining and the end of it. */ char *normalize_string(char *str); - + /* Check if regex is present on the file. * Similar to `strings file | grep -r regex` - */ + */ int os_string(char *file, char *regex); /* check for NTFS ADS (Windows only) */ int os_check_ads(char *full_path); -/* os_get_process_list: Get list of processes +/* os_get_process_list: Get list of processes */ void *os_get_process_list(); /* is_process: Check is a process is running. */ int is_process(char *value, void *p_list); - + /* del_plist:. Deletes the process list */ int del_plist(void *p_list); - + /* Used to report messages */ int notify_rk(int rk_type, char *msg);
@@ -138,7 +139,7 @@ void check_rc_sys(char *basedir); void check_rc_pids(); /* Verifies if "pid" is in the proc directory */ -int check_rc_readproc(int pid); +int check_rc_readproc(int pid); void check_rc_ports();