On Sun, May 19, 2013 at 9:29 PM, Philipp Duffner <philipp@xxxxxxxxxxx> wrote:
>
> I think I really hit a snag with this one - I have no idea where to go
> forward from here.
> I'd appreciate any ideas.
>
I use aide (akin to tripwire) to keep file signature db. The online
db file is immutable but I also keep a copy of it offline (along with
sha1sum)
Run aide (the static binary) against the db file to detect changes (if any).
Also rpm -qa --verify will list files whose MD5 sums have changed, not
a full proof method.
You may also look at fail2ban, mod_evasive, mod_security (EPEL repo).
--
Arun Khan
Sent from my non-iphone/non-android device
(অরুণ খান্/अरुण खान)
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
