Problem with AIDE

To: debian-user@lists.debian.org
Subject: Problem with AIDE
From: Virgo Pärna <virgo.parna@mail.ee>
Date: Wed, 20 Jul 2005 06:14:32 +0000 (UTC)
Message-id: <[🔎] slrnddrqu8.e6e.virgo.parna@dragon.gaiasoft.ee>

    Since I upgraded my Woody servers to Sarge AIDE has started 
to give strange results - but not always. But sometimes it show 
that some files have been added to /lib, /bin or /sbin directory - 
but those files existed there before (when running aide --update).

Like:

added:/sbin/e2fsck
added:/sbin/fsck.ext2
added:/sbin/fsck.ext3

    All those directorys are mitored with AIDE rule 
Binlib = p+i+n+u+g+s+b+m+c+md5+sha1
Same rule is used for /usr/bin and /usr/lib directory's also - but 
there are no anomalies.
    There aren't any other signs of problem that would indicate 
intrusion.

-- 
Virgo Pärna 
virgo.parna@mail.ee

Reply to:

Prev by Date: Re: Sound is clipping - alsamixer isn't working
Next by Date: Re: Sound Configuration
Previous by thread: Re: Let me Introduce Myself to your Church or Ministry
Next by thread: Kerberos+LDAP+NIS?
Index(es):
- Date
- Thread