[Aide] Best Practices on storing aide databases
J. Bobby Lopez
jbl at jbldata.com
Fri Jan 14 17:47:35 EET 2011
Hi,
Just started using AIDE, and so far I'm liking it.
I'm curious though what some of the best practices are on storing the AIDE
databases.
When aide.db.new is created, it's in the same directory as aide.db. When I
copy aide.db.new to aide.db, should I be deleting aide.db.new?
What is to prevent someone who happens to gain root from running AIDE again,
generating a new aide.db.new, and copying over aide.db before the next cron
job, therefore making their trespass undetectable?
Thanks,
Bobby
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://mailman.cs.tut.fi/pipermail/aide/attachments/20110114/187c1f3b/attachment-0001.html
More information about the Aide
mailing list