aide or tripwire

From: Robin Lynn Frank (rlfrank@paradigm-omega.com)
Date: 12/17/01


From: Robin Lynn Frank <rlfrank@paradigm-omega.com>
To: focus-linux@securityfocus.com
Date: Sun, 16 Dec 2001 17:48:34 -0700

We have been using tripwire to notify us if any files were tampered with. I
recently tried aide on one machine and was impressed by its ease of
configuration and lower cpu usage. Are there any problem areas for aide?

-- 
Robin Lynn Frank

Director of Operations Paradigm-Omega, LLC ============================================================ For security reasons, no attachments or HTML content will be accepted. ============================================================



Relevant Pages

  • Re: aide or tripwire
    ... > We have been using tripwire to notify us if any files were tampered with. ... Are there any problem areas for aide? ... this makes it more likely that someone would be able to tamper ...
    (Focus-Linux)
  • Re: aide or tripwire
    ... what about samhain ... >> We have been using tripwire to notify us if any files were tampered with. ... Are there any problem areas for aide? ...
    (Focus-Linux)
  • Whats the better choice? aide or tripwire?
    ... Package: aide ... Description: Advanced Intrusion Detection Environment ... Package: tripwire ...
    (comp.os.linux.misc)
  • Re: Rooted
    ... >> And for that you do not need more than tripwire or aide. ... > you cannot use md5sum on a directory to see what was added. ... > As for tripwire, now your talking about a system monitoring itself. ... Echo _every_ command to a secure loghost. ...
    (comp.os.linux.security)
  • Re: Internet appliance?
    ... I may be a bit overworried, but I think something like Tripwire or AIDE ... To check your machine for rootkit attacks you may like to install ...
    (comp.os.linux)