From owner-freebsd-security Fri Dec 28 11:32:13 2001 Delivered-To: freebsd-security@freebsd.org Received: from crimelords.org (crimelords.org [199.233.213.8]) by hub.freebsd.org (Postfix) with ESMTP id 8AE2637B41A for ; Fri, 28 Dec 2001 11:32:06 -0800 (PST) Received: from localhost (admin@localhost) by crimelords.org (8.11.6/8.11.6) with ESMTP id fBSJQBu69484; Fri, 28 Dec 2001 13:26:11 -0600 (CST) (envelope-from admin@crimelords.org) Date: Fri, 28 Dec 2001 13:26:11 -0600 (CST) From: admin To: Cy Schubert - ITSD Open Systems Group Cc: Subject: Re: AIDE In-Reply-To: <200112281806.fBSI66l08175@cwsys.cwsent.com> Message-ID: <20011228131939.H69449-100000@crimelords.org> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Well, I did get it working on one of the 2 boxes (both are almost identicle). I used the standard default aide.conf.sample file and it works on one, but not on the other. I ran aide --verbose=255 a few times to see if it was giving the Segmentation Fault at the same spot each time, and it appears that it is. When it gets to Opening /usr/local/lib/libltdl.so.1 for md check Segmentation fault (core dumped) Everytime it hits this (or maybe the next file) it seg faults. I'm guessing it's just something odd on this one box that I'll have to track down further, since I got it working on other systems. I'll probably change the ruleset around that dir or file and see what it changes from there. Thanks for the input, now that I know it works, I will drive myself nutz fixing the one that doesn't. --emac On Fri, 28 Dec 2001, Cy Schubert - ITSD Open Systems Group wrote: > In message <20011228103513.V68876-100000@crimelords.org>, admin writes: > > Has anyone had success with installing AIDE on freeBSD 4.4 stable? I've > > tried it on 2 machines and recieved Seg faults just trying to create the > > initial database ( aide --init ). Maybe I should stick with tripwire? > > Can anyone suggest any other Intrusion Detection type programs I may try > > out? (opensource of course). > > I'm not seeing any problems here under 4.5-PRE. Would you please post > you aid.conf file. > > > Regards, Phone: (250)387-8437 > Cy Schubert Fax: (250)387-5766 > Team Leader, Sun/Alpha Team Email: Cy.Schubert@osg.gov.bc.ca > Open Systems Group, ITSD > Ministry of Management Services > Province of BC > FreeBSD UNIX: cy@FreeBSD.org > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message