Re: C6 : AIDE experience




On Tue, September 16, 2014 9:40 pm, Always Learning wrote:
>
> On Tue, 2014-09-16 at 16:41 -0400, Bowie Bailey wrote:
>
>> Aide does not update its database file.  Whenever you run an init or
>> update, it will create a new file.  You then have to manually rename
>> that file in order to start using the new database.

I used aide for some time after tripwire went commercial, stayed without
support, and finally a bug (in e-mail...) was discovered. I moved away
from aide soon after. You may think of some intrusion detection
tool/system that:

1. doesn't keep the reference database on the same box (I know, I know, they
are signed, etc...)

2. does not rely on binaries living on this same box (think about checking
these binaries on another, much more trusted box before using them...)

But of course, there is no limit to paranoia when [computer] security is
concerned.

Sorry, not mentioning what I do ("security through obscurity" helps a bit
sysadmin's paranoia ;-)

Valeri

++++++++++++++++++++++++++++++++++++++++
Valeri Galtsev
Sr System Administrator
Department of Astronomy and Astrophysics
Kavli Institute for Cosmological Physics
University of Chicago
Phone: 773-702-4247
++++++++++++++++++++++++++++++++++++++++
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos



