Date: Mon, 15 Jul 2002 19:29:49 +0200 From: "Roger 'Rocky' Vetterberg" <listsub@rambo.simx.org> To: Andrew Johns <johnsa@kpi.com.au> Cc: freebsd-security@FreeBSD.ORG Subject: Re: Recommendations for filesystem integrity checkers? Message-ID: <3D33068D.8090405@rambo.simx.org> References: <20020712065459.GA24030@lupe-christoph.de> <3D2EC5A9.2070305@rambo.simx.org> <3D3207FC.50102@kpi.com.au>
next in thread | previous in thread | raw e-mail | index | archive | help
Andrew Johns wrote: > Roger 'Rocky' Vetterberg wrote: > > > Lupe Christoph wrote: > > > >> Hi! > >> > >> Which filesystem integrity checkers do people use? I've > >> found ports for aide, cksfv, integrit, l5, three versions > >> of tripwire and yafic. (Feel free to point me to the ones > >> I overlooked.) I did not find ports for fcheck and samhain > >> (found on Debian). > >> > >> Since I don't have the time to assess them all, I would > >> like to tap the collective experience of the FreeBSD > >> security people. > >> > >> So which do you use, and why? > >> > >> Thanks for your time, Lupe Christoph > > > > > > Personally, I use aide. Its lightweight, easy to configure > > and automate via scripts and it does exactly I want it to > > do. > > > > > Are you using aide-0.8 or 0.7? I've seen people have problems > with 0.8 getting gcrypt operating (including myself although I > haven't yet had the time to delve in and find the actual problem). > > If you've succeeded with 0.8, what magic incantation did you need > to get gcrypt to compile? > > Thanks > AJ <rocky@rambo rocky>aide -v Aide, version 0.7 Compiled with the following options WITH_MHASH CONFIG_FILE = "/etc/aide.conf" This was compiled and configured probably a year ago, and has been working flawless since then. -- R To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3D33068D.8090405>