[Aide] Reading AIDE database from a URL?
Alex Greg
alex.greg at gmail.com
Tue Mar 21 17:42:45 EET 2006
I've been looking at AIDE over the past few days, with a view to
rolling it out on over 60 Linux servers. So far, it's looking much
better than Tripwire, from both an installation and performance point
of view.
The only problem I have with AIDE is that the database is stored in
plain-text, which means if an attacker gains root access on one of the
boxes, they can simply change the database. I can't feasibly store the
database on read-only media such as floppies/CD's for obvious reasons
(60+ floppies/CD's in 60+ servers...?)
I noticed that AIDE supports reading the database from a remote server
using PostgreSQL, which is useful. However, what would really be ideal
for us would be to store the database for each machine on an internal
HTTP server, and configure AIDE to validate against that.
Is HTTP support for reading the database planned, or does anyone know
of a patch? Also, if there are any other suggestions, please let me
know!
Thanks,
-- Alex
More information about the Aide
mailing list