[Aide] Checksum Aide Alerts
Hannes von Haugwitz
hannes at vonhaugwitz.com
Wed May 3 22:25:58 EEST 2017
Hi,
On Wed, May 03, 2017 at 11:56:44AM -0700, Malcolm Dsouza wrote:
> aide -v
> Aide 0.15.1
Can you please try out the current stable version of AIDE (v0.16)?
> Could this be a problem in the GCRYPT library?
Maybe... can you compile AIDE with libmhash and try if that makes a
difference?
> Could someone guide me as to how I can investigate the root cause of this
> issue (what things can I try) and know for certain if this was indeed a
> false positive?
Please use verbose level 6 and provide the detailed changes for the
entries (files) in question (preferably with AIDE v0.16).
Additionally ensure that the AIDE database was not changed between the
AIDE runs (with AIDE 0.16 the checksums of the AIDE database(s) are
added to the end of the final report).
Best regards
Hannes
More information about the Aide
mailing list