AIDE (file integrity checker)
From: Richard Harke (rharke@earthlink.net)
Date: 12/12/02
- Next message: mikepb@hoplite.org: "! --syn vs ESTABLISHED"
- Previous message: hf: "Re: Iptables firewall"
- Next in thread: Tim Haynes: "Re: AIDE (file integrity checker)"
- Reply: Tim Haynes: "Re: AIDE (file integrity checker)"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: Richard Harke <rharke@earthlink.net> Date: Thu, 12 Dec 2002 04:04:10 GMT
I have been trying to set up AIDE on one of my machines. I just installed
SuSE 8.1 and wanted to get this working before I connect it to the
network.
After I had run in init mode, I copied db, AIDE binary and
config file to a CDROM. Then I ran it in check mode from
the CD The report said there were 111,000 files changed -- not useful
I set up a test and apparently the main problem was checking
the access time This apparently gets changed when AIDE runs
so it always shows a problem. I took out access time checking
and I'm left with a question.
My config had
/home/aide_test/testa
=/home/aide_test/testb
Both of these directories had a couple of short files
(All other paths negated !/whatever )
The files in testa seemed to check OK but for testb
the files apparently were not added to the db during
the init run and later were reported as new files.
Can anyone tell what the =/ syntax is good for??
Richard
- Next message: mikepb@hoplite.org: "! --syn vs ESTABLISHED"
- Previous message: hf: "Re: Iptables firewall"
- Next in thread: Tim Haynes: "Re: AIDE (file integrity checker)"
- Reply: Tim Haynes: "Re: AIDE (file integrity checker)"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
