From owner-freebsd-questions Sat Aug 10 16:32: 6 2002 Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 759BA37B400 for ; Sat, 10 Aug 2002 16:32:02 -0700 (PDT) Received: from fep9.cogeco.net (smtp.cogeco.net [216.221.81.25]) by mx1.FreeBSD.org (Postfix) with ESMTP id 0291943E65 for ; Sat, 10 Aug 2002 16:32:02 -0700 (PDT) (envelope-from dlavigne6@cogeco.ca) Received: from d226-39-211.home.cgocable.net (d226-39-211.home.cgocable.net [24.226.39.211]) by fep9.cogeco.net (Postfix) with ESMTP id 23A785DB9; Sat, 10 Aug 2002 19:31:59 -0400 (EDT) Date: Sat, 10 Aug 2002 19:37:44 -0400 (EDT) From: Dru X-X-Sender: dlavigne6@x1-6-00-80-c8-3a-b8-46 To: sroberts@dsl.pipex.com Cc: FreeBSD Questions Subject: Re: aide-0.7_1 docs? In-Reply-To: <1029018608.38776.126.camel@Demon.vickiandstacey.com> Message-ID: <20020810193522.J9801-100000@x1-6-00-80-c8-3a-b8-46> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On 10 Aug 2002, Stacey Roberts wrote: > Thanks for the quick reply Dru (I read your articles quite often!). > > I used to use tripwire, but found that it didn't *really* do what I > thought it would (which is provide real-time notification of intrusion > attempts / hacks). In the end, tripwire proved to be a heavy-weight file > (system) changes indicator, more than anything else. > > I'll not want to go with yet another app that appears to promise a lot, > but doesn't "do what it say on the tin", so to speak. > > The description of aide mentions: > > AIDE is Advanced Intrusion Detection Environment. > This piece of software was written as a replacement and extension > for Tripwire. Tripwire is an excellent program in itself but lacks > some features and is a closed product. > > Current Features: > Multiple integrity checking algorithms (Even more with mhash support) > Ability to output the database to stdout/file > Easy configuration through a powerful configuration file > > Planned Features: > Multiple database retrieval backends > Encrypted databases > Compressed databases(zlib bzip2 support) > Windows NT port > Email report > More elaborate report options > Recurse=n > Interactive db update > > Not that I want to weigh you down on this, but does aide as yet do any > of the "Planned Features" as yet? In particular, compressed dbases, > E-Mail reporting & Interactive dbase updates? > > Thanks again for getting back to me. From your response, it does appear > that you are happy with aide, and I'm happy that it will prove to be as > useful and effective to me as well. > > Hope to hear from you again soon. Hi Stacey, You know, you forced me to take a closer look at "man aide.conf", and it gives the proper URL to the docs on the guy's website. Check out that manpage and his docs to get an idea of what aide does/doesn't do. :) Dru To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message