similar to: The AIDE section of the Hardening CentOS wiki page

Hello All, My username is MikeThompson The link to configure Aide at the bottom of this page: https://wiki.centos.org/HowTos/OS_Protection Is dead, and says its dead, however, the old link to http://www.bofh-hunter.com/2008/04/10/centos-5-and-aide/ now redirects to a malicious website. One of my less than savvy users got his windows machine infected there last night. I'm wondering if it

On 02/02/2016 04:27 PM, Mike Thompson wrote: > Hello All, > > My username is MikeThompson > > The link to configure Aide at the bottom of this page: > https://wiki.centos.org/HowTos/OS_Protection > > Is dead, and says its dead, however, the old link to > http://www.bofh-hunter.com/2008/04/10/centos-5-and-aide/ now redirects > to a malicious website. > > One of

Hi all; On OS Hardening ( http://wiki.centos.org/HowTos/OS_Protection ) there's a section on "Physical Protection" that includes requiring a single-user mode password. There's four lines that look something like this: echo "Require the root pw when booting into single user mode" >> /etc/inittab echo "~~:S:wait:/sbin/sulogin" >> /etc/inittab echo

Should the URL match the word used in the subject? [0] [0] http://wiki.centos.org/SpecialInterestGroup/Hardening jerry On Wed, Apr 29, 2015 at 8:45 AM, Alan Bartlett <ajb at elrepo.org> wrote: > On 29 April 2015 at 14:23, Earl A Ramirez <earlaramirez at gmail.com> wrote: >> Dear Doc Admins, >> >> My name is Earl Ramirez and I have a particular interest with the

Dear Doc Admins, My name is Earl Ramirez and I have a particular interest with the 'hardening' SIG, therefore I will like to know if its possible for me to have write access to the hardening SIG page [0]. My goal is to kick off the draft and as we come together to decide the goals and direction of the SIG I will update the content accordingly. [0]

Hi Guys, I would like advice for best practices to secure my linux boxes. Know if I have been hacked, know of security breaches, etc. Can anyone provide advice? -Jason

I have an "old and decrepit" install of Shorewall, installed from a Debian package. I''m having a problem, so in order to get support, I''m working on upgrading to the most recent stable version. What I''d like to do, is to test the new version with my configuration files, without actually installing it -- just untarring it. Is this possible? How can I

Starting with a fresh load and after I finish hardening the load following the Center for Internet Security (CIS) guidance, I'm wondering whether AIDE or OSSEC would be a better intrusion detection system. I installed AIDE and did a quick test of AIDE and after initializing the db and applying the recent cups update, I found that 1700+ files had changed. Those are a lot of changes to wade

Hi, i would like to contribute to the WiKi. Lots of the articles are outdated... *Username: LucianMaly* *Proposed subject of my contribution(s): for example https://wiki.centos.org/HowTos/Skype <https://wiki.centos.org/HowTos/Skype> and https://wiki.centos.org/HowTos/OS_Protection <https://wiki.centos.org/HowTos/OS_Protection> plus some others* *Proposed location of my

Having problems with Tripwire on C6, I installed AIDE from the base repository. x86_64 0.14-3.el6_2.2 base 123 k typing: aide result: "Couldn't open file /var/lib/aide/aide.db.gz for reading" (directory is empty and aide.db.gz does not exist.) typing: aide -i (for initialise the Aide database) result: "AIDE, version 0.14 ### AIDE database at

John, One of my previous jobs was at Unisys doing a dynamic translator for the Univac 1100 / 2200 series computers. We chose LLVM for the base of the translator for its modularity, optimizations, and x86 code generation. We wrote a front-end that parsed Univac instructions and generated IR for them. It all ran on X86-Linux boxes which with some special peripheral adaptors were then

I've got aide aide-0.13.1-4.el5 running on a server, and aide aide-0.13.1-2.0.4.el5 running on a similar server. There appears to have been a change in the way base directories are being monitored in the two versions. Both servers are running logical volumes, but it seems to not matter as I'm running aide on a server without logical volumes and the problem still shows up. Now the

I upgraded my box from 5.3 to 5.4. When running "aide --update", I'm getting this warning message on /var/log/messages "aide: Libgcrypt warning: missing initialization - please fix the application" Below is the aide version installed: aide -v Aide 0.13.1 Compiled with the following options: WITH_MMAP WITH_POSIX_ACL WITH_SELINUX WITH_XATTR WITH_LSTAT64 WITH_READDIR64

Any news on the latest aide package? Current version of aide on CentOS 5 is aide-0.13.1-4.el5. This version of aide produces the following message on /var/log/messages "aide: Libgcrypt warning: missing initialization - please fix the application" when executed. Upstream already has released aide-0.13.1-6.el5 last January. I only see this version on the CentOS5 testing repo

Evolution (aka JimPerrin - or is this the other way around?) has been working on this excellent wiki article: http://wiki.centos.org/HowTos/OS_Protection However, the discussion is taking place at his own blog site http://www.bofh-hunter.com/ . Because this is a CentOS wiki article, I just wonder why we cannot do it here. Sure, his blog site may collect a wider audience, but we traditionally

I'm trying out aide since tripwire doesn't seem to be in the 5. releases anymore. I do not have Selinux on the server (no at installation), and I just yum installed the aide rpms, so I should have the latest. When I run my aide --init, I get all of these lines for all the files: lgetfilecon_raw failed for /usr/share/X11/app-defaults/XLogo:No data available I then copy the

Hello, There are some errors on the HowTos/OS_Protection page on the CentOS wiki. I would like to correct the errors. Thanks, William Voyek -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.centos.org/pipermail/centos-docs/attachments/20090821/ad61f2f3/attachment-0004.html> -------------- next part -------------- A non-text

One of my servers has recently started giving an error every time I run "aide --check". I ran it manually twice today with the same results. The second time, I added the -V flag, but that didn't give me anything useful. The system is currently running CentOS 5.3. Nothing on the system has changed recently (that I am aware of). The Aide database hasn't been updated in a few

CentOS Errata and Bugfix Advisory 2012:0499 Upstream details at : https://rhn.redhat.com/errata/RHBA-2012-0499.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) i386: 4f3ea0a07eba51c9704f76602a5c8f3a460f4e5d8dc7215a0adc1b4b7438fa32 aide-0.13.1-6.el5_8.2.i386.rpm x86_64:

CentOS Errata and Bugfix Advisory 2012:0512 Upstream details at : https://rhn.redhat.com/errata/RHBA-2012-0512.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) i386: 5304c71177d876ec276f4f021e15f4b1b10e3bcafb709469a2a7f891f2dbab6a aide-0.14-3.el6_2.2.i686.rpm x86_64: