Re: AIDE or OSSEC on CentOS 5.4 x86_64?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] 

Hi Ian,

On 11/30/2009 01:07 AM, Ian Forde wrote:
>> I still want to see the changes, but it would be nice to see the
>> ones I
>> authorized through the update service to be partitioned off from the
>> ones that seem to have no reasonable explanation.
>
> Seems to be that a yum plugin could be written that would accomplish
> this. Consider - it would only allow signed rpm updates, and ask for
> permission (or use a key) to update to LIDS database...

You are mostly on the right track, however, that wont work across the 
whole machine.

imho, the magic potion is to offload the machine state elese where and 
use the compare-with-pre-state on a different 'central' machine. Where 
knowledge like pacakge-ver and package-payload can also be tracked.

- KB
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux