similar to: aide questions, please

Displaying 20 results from an estimated 8000 matches similar to: "aide questions, please"

2014 Sep 09
1
C6 : AIDE experience
Having problems with Tripwire on C6, I installed AIDE from the base repository. x86_64 0.14-3.el6_2.2 base 123 k typing: aide result: "Couldn't open file /var/lib/aide/aide.db.gz for reading" (directory is empty and aide.db.gz does not exist.) typing: aide -i (to initialise the Aide database) result: "AIDE, version 0.14 ### AIDE database at
2016 Feb 02
2
Wiki Update - Aide Link
Hello All, My username is MikeThompson. The link to configure Aide at the bottom of this page: https://wiki.centos.org/HowTos/OS_Protection is dead, and says it's dead, however, the old link to http://www.bofh-hunter.com/2008/04/10/centos-5-and-aide/ now redirects to a malicious website. One of my less than savvy users got his Windows machine infected there last night. I'm wondering if it
2008 Mar 29
3
Is tripwire still being developed?
2012 Sep 28
1
Changes to inodes discovered by aide
Hi. On one of my servers aide just reported inode changes to a large bunch of files in a variety of directories, e.g. /usr/bin, /usr/sbin etc. This machine sits behind a couple of firewalls and it would be hard to get to. The day before I updated "clam*" and updated the aide database right after that: -rw------- 1 root root 7407412 Sep 26 10:58 aide.db.gz The problem was that the
2008 Dec 23
4
tripwire on centos 5
Does anybody use tripwire on centos 5? Has anybody checked that: http://www.linickx.com/archives/281/tripwire-2411-rpm-for-centos-redhat-rhel-4 on centos5? M.
2008 Dec 28
1
aide and changes in system
I've checked my system by aide and I've received information: changed: /bin changed: /bin/tar changed: /bin/mv changed: /bin/cp changed: /bin/ls changed: /bin/vi I don't remember that I changed those commands, what does it mean? Has somebody broken in? Or are those commands changed normally?
2006 Jun 12
3
Check integrity or rootkits on remote server?
Hello, when one has physical access to a computer, he can run something like tripwire, with keys and checksum on a separate, write-only media, to verify the integrity of the system. What if the system is a remote one (in my case Centos 4.3 on a User Mode Linux VPS some hundred of KMs from here)? Does it still make sense to run tripwire remotely? If yes, how, since you cannot plug a floppy or
2003 Jun 09
1
Have I been hacked?
I'm noticing something strange on two of my machines.. They're both 4.7-RELEASE-p3 i386 and they've both been up 150 days without any problems... /var/log/messages on each system contains only: Jun 9 12:00:01 in newsyslog[60291]: logfile turned over dmesg's output is truncated.. it periodically changes, but currently it reads: ite.net host=6532251hfc207.tampabay.rr.com
2008 Jan 13
3
Anti-Rootkit app
Hi all, I need to install an anti-rootkit on a lot of servers. I know that there are several options: tripwire, aide, chkrootkit... What do you prefer? Obviously, I have to define my needs: - easy setup and configuration - actively developed -- Thanks, Jordi Espasa Clofent
2000 Aug 16
2
Tripwire and cron
I am trying to get tripwire 1.2 patch level 2 on Redhat 6.2 to run out of cron and so far have failed miserably. It runs fine from the command line so I know my configuration is ok, but when it runs from cron it gets to Phase 3 and simply exits. It doesn't generate any error messages or leave any core files laying around.
2005 Jan 19
3
tripwire
Is there a redhat or contrib RPM for tripwire? I looked and didn't find one, but may not have been looking in the right place. Zebee
2009 Nov 04
3
Tripwire Question
I'm trying to run tripwire on a RHEL 5.4 box. I'm new to it. I'm getting errors: The object: "/ora" is on a different file system...ignoring. For one thing, it's not a different file system. It's not any different than the root partition, that tripwire will monitor. And I want tripwire to monitor it. I've been googling around, and have seen this error in
2005 Feb 16
2
YUM and Tripwire
I am looking for a location where I can get tripwire to install and update via YUM. I know this is not the most secure thing but with the amount of machines that I have, I have no other choice. So far I have found http://download.fedoralegacy.org/redhat/9/updates/SRPMS/ Does anyone know one for CentOS? Thanks
2012 May 25
4
PCI/DSS compliance on CentOS
I have a client project to implement PCI/DSS compliance. The PCI/DSS auditor has stipulated that the web server, application middleware (tomcat), the db server have to be on different systems. In addition the auditor has also stipulated that there be a NTP server, a "patch" server, The Host OS on all of the above nodes will be CentOS 6.2. Below is a list of things that would be
2011 Jul 21
2
tripwire alternative
Hello all, Years ago, I used to work with tripwire for system monitoring. Last time I checked with "yum search tripwire", there is no hit. IIRC, it used to be packed by default on older Redhat distros. Any suggestion for an alternative of tripwire for my CentOS 5.6? Cheers, -- Viet Nhat General Joint Stock
2009 Nov 28
6
AIDE or OSSEC on CentOS 5.4 x86_64?
Starting with a fresh load and after I finish hardening the load following the Center for Internet Security (CIS) guidance, I'm wondering whether AIDE or OSSEC would be a better intrusion detection system. I installed AIDE and did a quick test of AIDE and after initializing the db and applying the recent cups update, I found that 1700+ files had changed. Those are a lot of changes to wade
2010 Mar 04
8
Intrusion Detection
Hello all, I have been exploring the various intrusion detection systems available for the Linux platform and was wondering what ones you all would recommend? I have used AIDE before and while it is extremely easy to set up, it does not support the ability to send alerts as files are changed (allows one to be aware of an intrusion almost immediately). Thank you, Dan Burkland
2005 Jan 13
3
Aggregating logs from numerous FreeBSD machines
Hi folks, My stack of trusty FreeBSD servers always seems to be growing, and it's getting to the point where the daily and security output mail is too much to make good use of. I'm looking for suggestions for log monitoring and aggregation tools, especially from a monitoring-for-security perspective. If I had to imagine an ideal system, it would be a central server that securely
2005 Jun 16
3
turning off prelinking?
In short, the reason considering (and still only considering) turning it off is to make tripwire usable again (security vs. performance, I guess). Is it possible to completely turn it off system-wide? Any additional steps needed on the existing system (that already have half of the binaries prelinked)? What order of performance degradation to expect? If it is minor, nobody is going to cry
2010 Apr 29
1
Aide error "Caught SIGBUS/SEGV"
One of my servers has recently started giving an error every time I run "aide --check". I ran it manually twice today with the same results. The second time, I added the -V flag, but that didn't give me anything useful. The system is currently running CentOS 5.3. Nothing on the system has changed recently (that I am aware of). The Aide database hasn't been updated in a few