Re: aide or tripwire

From: dewt (dewt@kc.rr.com)
Date: 12/18/01 

From: dewt <dewt@kc.rr.com>
To: Robin Lynn Frank <rlfrank@paradigm-omega.com>, focus-linux@securityfocus.com
Date: Tue, 18 Dec 2001 01:54:59 -0600

On Sunday 16 December 2001 06:48 pm, Robin Lynn Frank wrote:
> We have been using tripwire to notify us if any files were tampered with.
> I recently tried aide on one machine and was impressed by its ease of
> configuration and lower cpu usage. Are there any problem areas for aide?
as far as i know the database for aide isn't signed and encrypted like it is
for tripwire, this makes it more likely that someone would be able to tamper
with it.

Relevant Pages

  • aide or tripwire
    ... We have been using tripwire to notify us if any files were tampered with. ... Are there any problem areas for aide? ... no attachments or HTML content will be accepted. ...
    (Focus-Linux)
  • Re: aide or tripwire
    ... what about samhain ... >> We have been using tripwire to notify us if any files were tampered with. ... Are there any problem areas for aide? ...
    (Focus-Linux)
  • Whats the better choice? aide or tripwire?
    ... Package: aide ... Description: Advanced Intrusion Detection Environment ... Package: tripwire ...
    (comp.os.linux.misc)
  • Re: Internet appliance?
    ... I may be a bit overworried, but I think something like Tripwire or AIDE ... To check your machine for rootkit attacks you may like to install ...
    (comp.os.linux)
  • Re: Rooted
    ... >> And for that you do not need more than tripwire or aide. ... > you cannot use md5sum on a directory to see what was added. ... > As for tripwire, now your talking about a system monitoring itself. ... Echo _every_ command to a secure loghost. ...
    (comp.os.linux.security)