[Aide] Need help with AIDE configuration
Keith Constable
kccricket at gmail.com
Fri Apr 22 06:05:38 EEST 2016
"aide --check " compares the file system to the aide database and gives you
a report of changed and added and deleted files.
Are you using an OS packaged version of AIDE? AIDE itself produces no daily
report.
You should only --init a new database once you've validated all changes
reported by the --check run.
What protections do you have in place to ensure that the AIDE binaries and
database aren't compromised by an intruder?
Regards,
Keith
On Thursday, April 21, 2016, LIJE Creative <info at lije-creative.com> wrote:
> Hi guys,
>
> Like you, I'm a user of AIDE but I need a hand about the configuration.
>
> I'm getting the daily aide report. It contains the 1000 first lines of the
> log file.
>
> [image: Images intégrées 1]
>
> Do you know if there is a way to get only the list of newly added entries
> (difference between the new and old database) and the changed entries?
> Everyday, I'm getting these 330k new added entries so I can't check if
> anything is messed up.
>
> I'm running AIDE on my /var/www folder to check newly added files from my
> clients or hackers.
>
> Thanks
>
>
> Jérôme LILLE | Responsable Agence
> info at lije-creative.com
> <javascript:_e(%7B%7D,'cvml','info at lije-creative.com');> | +33 7 70 87 02
> 03
> Site internet : www.lije-creative.com
> ᐧ
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mailman.cs.tut.fi/pipermail/aide/attachments/20160421/7a1903d7/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image.png
Type: image/png
Size: 20706 bytes
Desc: not available
URL: <https://mailman.cs.tut.fi/pipermail/aide/attachments/20160421/7a1903d7/attachment-0001.png>
More information about the Aide
mailing list