XYGATE Compliance PRO (XSW) Reference Manual
XYGATE
®
Compliance PRO
™
Reference Manual
Chapter 9. System Integrity Checks
XYPRO Technology Corporation 172 Proprietary and Confidential
9.4 Integrity Checks for Guardian Files and OSS Files
Various attributes are collected about each file being inspected. Analyzing the baseline
value and comparing it to the current value determines whether or not the Integrity
Check has failed. These attributes apply to the members of the following Integrity
Checks:
Guardian Files / Guardian Subvols /
File Hashing – Guardian Files
OSS Dirs /
File Hashing – OSS Files
EOF File_Type
File_Code Owner_Name
Licensed Sticky
ProgID SetUid
Security SetGid
Owner_Name Sec_Mask
SFG_ACL_Flag OSSACLs_Flag
Create_Time Default_ACLs_Flag
Mod_Time Create_Time
Open_Time (attribute data collected; not used for
comparison of Integrity Check failure)
Mod_Time
Binder_Time (This equates to VPROC today) Binder_Time (This equates to
VPROC today)
Hash_Value Hash_Value
Hash_Algorithm Hash_Algorithm
Notes:
1. A difference found for any one of these attributes (where described) can trigger a
failure of the Integrity Check. In other words, comparisons of all file attributes can
trigger a failure of the Integrity Check. If a change is made to the Integrity Checks
baseline and if the new baseline is not saved, the integrity check will continue to
fail until the new baseline is accepted.
2. Hash Value and Hash Algorithm attributes are only collected and available for the
Integrity Check comparison when the file is specified on the Collection Criteria
using the Select Collection Files for hashing form.
3. Hashing is only available for:
• GUI XSW 2.70 and above.
• Host XYGATESW 2.70 and above.
• Host XYGATETR 1.60 and above.
4. Hashing is very expensive in terms of host resources used. Restrict your selection
to only the most critical files. Selecting a large number of files to be hashed will
impact host performance.