checksecurity 2.0.16+nmu1ubuntu1 / etc / checksecurity.conf

#
#  This is the global configuration file for checksecurity, it
# defines several common settings, and controls which of the 
# tests are enabled.
#



##
##  This is the global configuration section.
##


#
# MAILTO controls where the results of the tests will be mailed
# to upon alert conditions.
#
MAILTO=root

# If the CHECKSECURITY_EMAIL is set, the report is mailed to the given
# address. Note that if you set this, it is *assumed* that you have
# /usr/bin/mail that accepts -s; the bsd-mailx package provides this; or
# you can install mutt and create a link, or some other
# alternative. No, I'm not going to fix it to write the appropriate
# headers and use sendmail (although I'd consider patch), nor am I
# going to add a {Depends|Recommends|Suggests} to this package.
# Do not submit bugs about this unless you include the above mentioned
# patch. You enabled this option -- you take responsibility.
#
#CHECKSECURITY_EMAIL="root"

#
# This is the path which the scripts are given when they are run.
#
PATH=/usr/sbin:/usr/bin:/sbin:/bin


##
##  The next group of settings control which checks are enabled.
##

# Which checks to run daily?
CHECK_DAILY="DISKFREE PASSWD SOCKETS"

# Which checks to run weekly?
CHECK_WEEKLY="SETUID IPTABLES_LOGS"

#
#  Check for mounts which have very little disk space free.
#
CHECK_DISKFREE="TRUE"
# Configure the checks in /etc/checksecurity/check-diskfree.conf


#
#  Check passwords
#
CHECK_PASSWD="TRUE"
# Configure the checks in /etc/checksecurity/check-passwd.conf


#
#  Check setuid files
#
CHECK_SETUID="TRUE"
# Configure the checks in /etc/checksecurity/check-setuid.conf

#
#  Check open sockets
#
CHECK_SOCKETS="TRUE"
# Configure the checks in /etc/checksecurity/check-sockets.conf

#
#  Check iptables logs
#
CHECK_IPTABLES_LOGS="FALSE"