[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: What is the best free HIDS for Debian

With that many errors from that many different programs it strongly suggests that there is a problem with your filesystem, possibly an existing infection.

When testing for intrusion on a system that has been running with a live connection, it's necessary to test from an inviolate source, an ISO image that is known to be un-infected. Obviously, this should not be created on an infected machine, which is a problem if you have limited resources.

Nevertheless, you can try building a live image and testing from that.


On 2022-05-03 07:18, Sylvain wrote:
Thank you for your responses!

- It throws a segfault error while scaning on one PC. No errors
mentioned in log files.
- on another machine tripwire worked fine for a long time but now I
have this error while scaning:
	*** Fatal exception: basic_string::_M_create
	*** Exiting...
	run-parts: /etc/cron.daily/tripwire exited with return code 8

I have a segfault and this line in syslog: kernel: [ 1771.894150]
aide[7032]: segfault at 1c ip 00007f7472672050 sp
00007fffc95d5bf0 error 4 in libnss_systemd.so.2[7f7472671000+33000].
The system is up to date from backports. The segfault is solved if I
use the aid-dynamic package, but the scan is too much long...

I have this error while initializing the DB: integrit (main): Error:
walk_file_tree: Permission denied
The support is simply a mailing list and I still don't have an answer
about this problem.

There is no .deb for this soft. The compilation ends with an error.
I've just contact the support.

There's a problem during installation. I've just contact the support.

I'll test Wazuh.

Reply to: