Re: aide, apt-get and remote management...
On Fri, Dec 12, 2003 at 07:46:38AM +0100, Lupe Christoph wrote:
>
> We don't use AIDE exclusively at a client site, but in combination
> with Tripwire. We think tripwire is a little more secure becuse it
> uses signed databases.
Perhaps the following ./configure options will prove themselves
useful:
--with-confighmactype=TYPE Hash type to use for checking config.
Valid values are md5 and sha1.
--with-confighmackey=KEY HMAC hash key to use for checking config.
Must be a base64 encoded byte stream.
Maximum string length is 31 chars.
--with-dbhmactype=TYPE Hash type to use for checking db.
Valid values are md5 and sha1.
--with-dbhmackey=KEY HMAC hash key to use for checking db.
Must be a base64 encoded byte stream.
Maximum string lentgth is 31 chars.
--enable-forced_configmd Forces the config to have checksum.
Also disables --config-check
--enable-forced_dbmd Forces the file/pipe database's to have checksum.
This will be the default in the next release.
bit,
adam
--
Am I a cleric? | 1024D/37B8D989
Or maybe a sinner? | 954B 998A E5F5 BA2A 3622
Unbeliever? | 82DD 54C2 843D 37B8 D989
Renegade? | http://sks.dnsalias.net
Reply to: