similar to: aide rpm requirement

I'm trying out aide since tripwire doesn't seem to be in the 5. releases anymore. I do not have Selinux on the server (no at installation), and I just yum installed the aide rpms, so I should have the latest. When I run my aide --init, I get all of these lines for all the files: lgetfilecon_raw failed for /usr/share/X11/app-defaults/XLogo:No data available I then copy the

I upgraded my box from 5.3 to 5.4. When running "aide --update", I'm getting this warning message on /var/log/messages "aide: Libgcrypt warning: missing initialization - please fix the application" Below is the aide version installed: aide -v Aide 0.13.1 Compiled with the following options: WITH_MMAP WITH_POSIX_ACL WITH_SELINUX WITH_XATTR WITH_LSTAT64 WITH_READDIR64

Any news on the latest aide package? Current version of aide on CentOS 5 is aide-0.13.1-4.el5. This version of aide produces the following message on /var/log/messages "aide: Libgcrypt warning: missing initialization - please fix the application" when executed. Upstream already has released aide-0.13.1-6.el5 last January. I only see this version on the CentOS5 testing repo

I've got aide aide-0.13.1-4.el5 running on a server, and aide aide-0.13.1-2.0.4.el5 running on a similar server. There appears to have been a change in the way base directories are being monitored in the two versions. Both servers are running logical volumes, but it seems to not matter as I'm running aide on a server without logical volumes and the problem still shows up. Now the

Hello All, My username is MikeThompson The link to configure Aide at the bottom of this page: https://wiki.centos.org/HowTos/OS_Protection Is dead, and says its dead, however, the old link to http://www.bofh-hunter.com/2008/04/10/centos-5-and-aide/ now redirects to a malicious website. One of my less than savvy users got his windows machine infected there last night. I'm wondering if it

On 02/02/2016 04:27 PM, Mike Thompson wrote: > Hello All, > > My username is MikeThompson > > The link to configure Aide at the bottom of this page: > https://wiki.centos.org/HowTos/OS_Protection > > Is dead, and says its dead, however, the old link to > http://www.bofh-hunter.com/2008/04/10/centos-5-and-aide/ now redirects > to a malicious website. > > One of

Having problems with Tripwire on C6, I installed AIDE from the base repository. x86_64 0.14-3.el6_2.2 base 123 k typing: aide result: "Couldn't open file /var/lib/aide/aide.db.gz for reading" (directory is empty and aide.db.gz does not exist.) typing: aide -i (for initialise the Aide database) result: "AIDE, version 0.14 ### AIDE database at

One of my servers has recently started giving an error every time I run "aide --check". I ran it manually twice today with the same results. The second time, I added the -V flag, but that didn't give me anything useful. The system is currently running CentOS 5.3. Nothing on the system has changed recently (that I am aware of). The Aide database hasn't been updated in a few

CentOS Errata and Bugfix Advisory 2012:0499 Upstream details at : https://rhn.redhat.com/errata/RHBA-2012-0499.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) i386: 4f3ea0a07eba51c9704f76602a5c8f3a460f4e5d8dc7215a0adc1b4b7438fa32 aide-0.13.1-6.el5_8.2.i386.rpm x86_64:

CentOS Errata and Bugfix Advisory 2012:0512 Upstream details at : https://rhn.redhat.com/errata/RHBA-2012-0512.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) i386: 5304c71177d876ec276f4f021e15f4b1b10e3bcafb709469a2a7f891f2dbab6a aide-0.14-3.el6_2.2.i686.rpm x86_64:

CentOS Errata and Bugfix Advisory 2012:1119 Upstream details at : http://rhn.redhat.com/errata/RHBA-2012-1119.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) i386: 170c254c937e7ed9b0fe1ce450b9f7e0db7ed7a1b7cf059c9b8e6d801b10a8f9 aide-0.13.1-8.el5.i386.rpm x86_64:

CentOS Errata and Bugfix Advisory 2014:0948 Upstream details at : https://rhn.redhat.com/errata/RHBA-2014-0948.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) i386: d4286ed601702ca38db7688ff6c509e0ecd491c173e149546e20f9252e3012f2 aide-0.14-7.el6.i686.rpm x86_64:

Hi. On one of my servers aide just reported inode changes to a large bunch of files in a variety of directories, e.g. /usr/bin, /usr/sbin etc. This machine sits behind a couple of firewalls and it would be hard to get to. The day before I updated "clam*" and updated the aide database right after that: -rw------- 1 root root 7407412 Sep 26 10:58 aide.db.gz The problem was that the

I should change this to OT, as it's not really CentOS related. I had a post on the list last week asking how the rpmforge rpm was to be implemented in yum. Craig White was kind enough to list how his yum.conf is appended, I assume after he installed the rpm. Unfortunately, mine is not appended with these lines. I am running CentOS 3. I will add these lines manually, and probably remove

Hi, does anyone know if aide should have access to this socket? SELinux is preventing /usr/sbin/aide from write access on the sock_file /var/run/winbindd/pipe. Thanks Patrick (on CentOS6 if that matters)

CentOS Errata and Security Advisory 2007:0539 Moderate Upstream details at : https://rhn.redhat.com/errata/RHSA-2007-0539.html The following updated files have been uploaded and are currently syncing to the mirrors: ( md5sum Filename ) i386: 4d43eadcee1c44d276075664f1637811 aide-0.13.1-2.0.4.el5.i386.rpm Source: 67876a10fc2150a90802ea63cc93bffd aide-0.13.1-2.0.4.el5.src.rpm -- Karanbir

CentOS Errata and Security Advisory 2007:0539 Moderate Upstream details at : https://rhn.redhat.com/errata/RHSA-2007-0539.html The following updated files have been uploaded and are currently syncing to the mirrors: ( md5sum Filename ) x86_64: 592b6412a21aede1e3d36ff676d75451 aide-0.13.1-2.0.4.el5.x86_64.rpm Source: 67876a10fc2150a90802ea63cc93bffd aide-0.13.1-2.0.4.el5.src.rpm --

Starting with a fresh load and after I finish hardening the load following the Center for Internet Security (CIS) guidance, I'm wondering whether AIDE or OSSEC would be a better intrusion detection system. I installed AIDE and did a quick test of AIDE and after initializing the db and applying the recent cups update, I found that 1700+ files had changed. Those are a lot of changes to wade

I've checked my system by aide and i've received information: changed: /bin changed: /bin/tar changed: /bin/mv changed: /bin/cp changed: /bin/ls changed: /bin/vi i don't remember that I changed those commands, what does it mean? Somebody broken in? or those commands are changed normally? -- This message has been scanned for viruses and dangerous content by MailScanner, and is

My daily AIDE report suggests Grub''s stage2 file has changed. Could I trouble you for your opinion about how concerned I should be and what to do if your concern is moderate or higher? File: /boot/grub/stage2 MD5 : Mlkt9ZVo59SSjvodt+956Q== , yIQIMP6TUHG5BegtoOk0ug== SHA1 : ZxehaXSXcnH/WlcInHpFnyT1vcg= , dReBGlO3DIAB+mjsxUWioB8NlbE=