From owner-freebsd-security  Sun Jul 14 16:24: 5 2002
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id EF00037B400
	for <freebsd-security@FreeBSD.ORG>; Sun, 14 Jul 2002 16:24:02 -0700 (PDT)
Received: from www.kpi.com.au (www.kpi.com.au [203.39.132.210])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 7A3A443E4A
	for <freebsd-security@FreeBSD.ORG>; Sun, 14 Jul 2002 16:24:01 -0700 (PDT)
	(envelope-from johnsa@kpi.com.au)
Received: from kpi.com.au (localhost.kpi.com.au [127.0.0.1])
	by www.kpi.com.au (8.9.3/8.9.3) with ESMTP id JAA53582;
	Mon, 15 Jul 2002 09:27:27 +1000 (EST)
	(envelope-from johnsa@kpi.com.au)
Message-ID: <3D3207FC.50102@kpi.com.au>
Date: Mon, 15 Jul 2002 09:23:40 +1000
From: Andrew Johns <johnsa@kpi.com.au>
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-GB; rv:0.9.4.1) Gecko/20020314 Netscape6/6.2.2
X-Accept-Language: en-gb
MIME-Version: 1.0
To: "Roger 'Rocky' Vetterberg" <listsub@rambo.simx.org>
Cc: freebsd-security@FreeBSD.ORG
Subject: Re: Recommendations for filesystem integrity checkers?
References: <20020712065459.GA24030@lupe-christoph.de> <3D2EC5A9.2070305@rambo.simx.org>
Content-Type: text/plain; charset=us-ascii; format=flowed
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org

Roger 'Rocky' Vetterberg wrote:

 > Lupe Christoph wrote:
 >
 >> Hi!
 >>
 >> Which filesystem integrity checkers do people use? I've
 >> found ports for aide, cksfv, integrit, l5, three versions
 >> of tripwire and yafic. (Feel free to point me to the ones
 >> I overlooked.) I did not find ports for fcheck and samhain
 >>  (found on Debian).
 >>
 >> Since I don't have the time to assess them all, I would
 >> like to tap the collective experience of the FreeBSD
 >> security people.
 >>
 >> So which do you use, and why?
 >>
 >> Thanks for your time, Lupe Christoph
 >
 >
 > Personally, I use aide. Its lightweight, easy to configure
 > and automate  via scripts and it does exactly I want it to
 > do.
 >


Are you using aide-0.8 or 0.7?  I've seen people have problems
with 0.8 getting gcrypt operating (including myself although I
haven't yet had the time to delve in and find the actual problem).

If you've succeeded with 0.8, what magic incantation did you need
to get gcrypt to compile?

Thanks
AJ


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message