[Aide] Intrusion report of directory files
oliver.k at bluewin.ch
oliver.k at bluewin.ch
Mon Jun 6 11:49:34 EEST 2011
Hi all
I'm pretty new to AIDE and tried for a while to get along with the configuration.
I have made a rule like
this:
RULE=p+i+n+u+g+s+m+md5
and use this rule on the directory path /opt
/opt RULE
My problem are some scripts
that write temporary files in the directory somewhere in /opt/.../... and by this behavior it causes aide do report an
intrusion because of the mtime check. Does anyone have an idea how I can solve that problem? I don't want to remove the
mtime check. My thoughts go to the direction of excluding the mtime check for all directory files, is that possible?
Thank you for your time and help
More information about the Aide
mailing list