[Aide] Questions

Manav Nagla manav.nagla at motorolasolutions.com
Tue Aug 16 01:19:30 EEST 2016 

Thank you :-)

On Mon, Aug 15, 2016 at 5:16 PM Brian Mathis <
brian.mathis+aide at betteradmin.com> wrote:

> You might be able to accomplish some of your alerts using AIDE (not read
> alert, maybe copy alert, yes modified alert), but AIDE will only alert you
> after the damage is already done, which probably isn't what you want.  You
> should actively prevent anyone from accessing the file by using proper
> permissions, user/group ownership, and possibly extended acls.  Incron
> might also help you get a level of immediate alerting whenever an action is
> performed on the file.  You won't be able to stop 'root' from reading the
> file no matter what.
>
> ~ Brian Mathis
> @orev
>
>
> On Mon, Aug 15, 2016 at 4:15 PM, Manav Nagla <
> manav.nagla at motorolasolutions.com> wrote:
>
>> Hello,
>>
>> Can someone please help me to answer these questions.
>>
>> *Requirement:*
>> I have a important file which should not be altered, modified, copied, or
>> read by any user. It has to be read by only script (non-interactive) user.
>>
>> Will this tool be a perfect match to monitor only that particular file in
>> Linux ?
>>
>> 1) Can I get alerts when the file is read by other user ?
>> 2) Can I get alerts when the file is copied ?
>> 3) Can I get alerts when the file is modified ?
>> 4) How can I set monitoring capabilities around only 1 file ?
>> 5) Will this tool help me to perform all such actions I'm thinking of ?
>>
>> Thanks in advance,
>>
>> Thanks,
>> MN
>> --
>> Thanks,
>> Manav Nagla,
>> Information Security Solutions,
>>
>> *Motorola Solutions, Inc.,*
>> P: 847-380-0009
>> E: manav.nagla at motorolasolutions.com
>>
>> _______________________________________________
>> Aide mailing list
>> Aide at cs.tut.fi
>> https://mailman.cs.tut.fi/mailman/listinfo/aide
>> <https://urldefense.proofpoint.com/v2/url?u=https-3A__mailman.cs.tut.fi_mailman_listinfo_aide&d=DQMFaQ&c=q3cDpHe1hF8lXU5EFjNM_A&r=k9xfUYnolAI6PoGpSHgL2NEStP9CvLTq9U5XfzfG_fozM_qhP4gxHiIc0FeF2JHq&m=xSVzFf4dSNxvIZuv2cjT3EGgLBWP5mr6Z8CnGSTaAJo&s=VcmMJFzqLIsh-7yOzVCTNqNAvYsmumbXVwR_OJuyuFE&e=>
>>
>>
> _______________________________________________
> Aide mailing list
> Aide at cs.tut.fi
> https://mailman.cs.tut.fi/mailman/listinfo/aide
>
-- 
Thanks,
Manav Nagla,
Information Security Solutions,

*Motorola Solutions, Inc.,*
P: 847-380-0009
E: manav.nagla at motorolasolutions.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mailman.cs.tut.fi/pipermail/aide/attachments/20160815/f15053bc/attachment.html>

More information about the Aide mailing list