Date: Sat, 10 Aug 2002 19:37:44 -0400 (EDT) From: Dru <dlavigne6@cogeco.ca> To: sroberts@dsl.pipex.com Cc: FreeBSD Questions <freebsd-questions@FreeBSD.ORG> Subject: Re: aide-0.7_1 docs? Message-ID: <20020810193522.J9801-100000@x1-6-00-80-c8-3a-b8-46> In-Reply-To: <1029018608.38776.126.camel@Demon.vickiandstacey.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On 10 Aug 2002, Stacey Roberts wrote: > Thanks for the quick reply Dru (I read your articles quite often!). > > I used to use tripwire, but found that it didn't *really* do what I > thought it would (which is provide real-time notification of intrusion > attempts / hacks). In the end, tripwire proved to be a heavy-weight file > (system) changes indicator, more than anything else. > > I'll not want to go with yet another app that appears to promise a lot, > but doesn't "do what it say on the tin", so to speak. > > The description of aide mentions: > > AIDE is Advanced Intrusion Detection Environment. > This piece of software was written as a replacement and extension > for Tripwire. Tripwire is an excellent program in itself but lacks > some features and is a closed product. > > Current Features: > Multiple integrity checking algorithms (Even more with mhash support) > Ability to output the database to stdout/file > Easy configuration through a powerful configuration file > > Planned Features: > Multiple database retrieval backends > Encrypted databases > Compressed databases(zlib bzip2 support) > Windows NT port > Email report > More elaborate report options > Recurse=n > Interactive db update > > Not that I want to weigh you down on this, but does aide as yet do any > of the "Planned Features" as yet? In particular, compressed dbases, > E-Mail reporting & Interactive dbase updates? > > Thanks again for getting back to me. From your response, it does appear > that you are happy with aide, and I'm happy that it will prove to be as > useful and effective to me as well. > > Hope to hear from you again soon. Hi Stacey, You know, you forced me to take a closer look at "man aide.conf", and it gives the proper URL to the docs on the guy's website. Check out that manpage and his docs to get an idea of what aide does/doesn't do. :) Dru To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020810193522.J9801-100000>