From c71eef35f5114214a51edc7a52046785ec64d827 Mon Sep 17 00:00:00 2001
From: Jeff Moe
Date: Wed, 15 Aug 2018 18:25:55 -0600
Subject: [PATCH] Brief notes on aide, chkrootkit, debsecan, debsums, lynis, rkhunter
---
source/resources/apps/aide/README.md | 1 +
source/resources/apps/chkrootkit/README.md | 3 +++
source/resources/apps/debsecan/README.md | 7 +++++++
source/resources/apps/debsums/README.md | 3 +++
source/resources/apps/lynis/README.md | 4 ++++
source/resources/apps/postfix/README.md | 5 +++++
source/resources/apps/rkhunter/README.md | 3 +++
7 files changed, 26 insertions(+)
create mode 100644 source/resources/apps/aide/README.md
create mode 100644 source/resources/apps/chkrootkit/README.md
create mode 100644 source/resources/apps/debsecan/README.md
create mode 100644 source/resources/apps/debsums/README.md
create mode 100644 source/resources/apps/lynis/README.md
create mode 100644 source/resources/apps/postfix/README.md
create mode 100644 source/resources/apps/rkhunter/README.md
diff --git a/source/resources/apps/aide/README.md b/source/resources/apps/aide/README.md
new file mode 100644
index 0000000..af199db
--- /dev/null
+++ b/source/resources/apps/aide/README.md
@@ -0,0 +1 @@
+apt install aide
diff --git a/source/resources/apps/chkrootkit/README.md b/source/resources/apps/chkrootkit/README.md
new file mode 100644
index 0000000..8a1a893
--- /dev/null
+++ b/source/resources/apps/chkrootkit/README.md
@@ -0,0 +1,3 @@
+apt install chkrootkit
+
+sed -i -e 's/RUN_DAILY="false"/RUN_DAILY="true"/g' /etc/chkrootkit.conf
diff --git a/source/resources/apps/debsecan/README.md b/source/resources/apps/debsecan/README.md
new file mode 100644
index 0000000..aee85a2
--- /dev/null
+++ b/source/resources/apps/debsecan/README.md
@@ -0,0 +1,7 @@
+apt install debsecan
+
+# Stretch:
+sed -i -e 's/SUITE=GENERIC/SUITE=stretch/g' /etc/default/debsecan
+
+# Buster:
+sed -i -e 's/SUITE=GENERIC/SUITE=buster/g' /etc/default/debsecan
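Review bot: The aide README stops at `apt install aide`, so nothing on the page creates the baseline database that AIDE compares later scans against. On Debian the package provides `aideinit`; I would add `aideinit` and `cp /var/lib/aide/aide.db.new /var/lib/aide/aide.db` after the install line, to be run while the host is still freshly installed. A baseline taken later records whatever is already on disk as good, and the note should say so in one line.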
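Review bot: The `sed -i` line in chkrootkit/README.md matches only the exact string `RUN_DAILY="false"`; if the shipped file differs (a commented-out line, other quoting, a changed default in a later release), sed exits 0 without editing anything and the daily scan stays off unnoticed. The same applies to the sed lines in the debsecan, debsums and rkhunter READMEs. I would follow each with a check such as `grep '^RUN_DAILY=' /etc/chkrootkit.conf` so a silent no-op is visible. In the debsecan README it is also worth stating that only the command for the installed release is run, since after the first one `SUITE=GENERIC` no longer matches.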
diff --git a/source/resources/apps/debsums/README.md b/source/resources/apps/debsums/README.md
new file mode 100644
index 0000000..6b01659
--- /dev/null
+++ b/source/resources/apps/debsums/README.md
@@ -0,0 +1,3 @@
+apt install debsums
+
+sed -i -e 's/CRON_CHECK=never/CRON_CHECK=weekly/g' /etc/default/debsums
diff --git a/source/resources/apps/lynis/README.md b/source/resources/apps/lynis/README.md
new file mode 100644
index 0000000..38eda03
--- /dev/null
+++ b/source/resources/apps/lynis/README.md
@@ -0,0 +1,4 @@
+apt install lynis
+
+# as root:
+lynis audit system
diff --git a/source/resources/apps/postfix/README.md b/source/resources/apps/postfix/README.md
new file mode 100644
index 0000000..9a14536
--- /dev/null
+++ b/source/resources/apps/postfix/README.md
@@ -0,0 +1,5 @@
+See other dirs for specific configs.
+
+# To update virtual user table on main server:
+vim /etc/postfix/virtual
+postmap /etc/postfix/virtual
diff --git a/source/resources/apps/rkhunter/README.md b/source/resources/apps/rkhunter/README.md
new file mode 100644
index 0000000..cca4f88
--- /dev/null
+++ b/source/resources/apps/rkhunter/README.md
@@ -0,0 +1,3 @@
+apt install rkhunter
+
+sed -i -e 's/CRON_DAILY_RUN=""/CRON_DAILY_RUN="true"/g' -e 's/CRON_DB_UPDATE=""/CRON_DB_UPDATE="true"/g' -e 's/DB_UPDATE_EMAIL="false"/DB_UPDATE_EMAIL="true"/g' -e 's/APT_AUTOGEN="false"/APT_AUTOGEN="true"/g' -e 's/NICE="0"/NICE="10"/g' /etc/default/rkhunter
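Review bot: `APT_AUTOGEN="true"` in the rkhunter sed line lets the file-properties baseline be regenerated after package operations, which reduces false positives but also means whatever is on disk at that moment is recorded as good. The README should state that trade-off and say when the first baseline is taken, for example `rkhunter --propupd` on a freshly installed host right after the sed line. It is also worth confirming that `rkhunter --update` succeeds before relying on `CRON_DB_UPDATE="true"`; the packaged rkhunter.conf may ship with remote updates disabled, which should be checked on the target release.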