Directory watching interval -
The interval in seconds to have the login failure daemon watch specified files or directories for changes. If a change is detected then an alert is sent.
Default: 0 Range: 0|30-86400
/tmp dir watching interval -
This tells the login failure daemon to check
/dev/shm directories for suspicious files. If a suspicious file is
found an email alert is sent. One alert per file per LF_FLUSH interval is sent. To enable this feature set the following
to the checking interval in seconds. To disable this option set to 0.
Default: 300 Range: 0|30-86400
/tmp watching file removal -
Enable the removal any suspicious files found during directory watching. These files will be appended to a tarball located in
Default: 0 Range: 0-1
Integrity checking interval -
The interval in seconds to have the login failure daemon compare md5sums of the servers OS binary application files from the time when the login failure daemon was started. If the md5sum of a monitored file is mismatched then an alert is sent. This option acts as an IDS (Intrusion Detection System) in detecting a possible root compromise.
Default: 3600 Range: 0|120-86400