1 |
Howdy, |
2 |
|
3 |
It purports to be a better file integrity checker than tripwire; |
4 |
it even supports using postgresql for very large needs. |
5 |
|
6 |
There is a scant list of files suggested in the aide docs |
7 |
to generate the initial md5 records of these (critically) |
8 |
monitored files. [1] |
9 |
|
10 |
<snip> |
11 |
# Next decide what directories/files you want in the database |
12 |
|
13 |
/etc p+i+u+g #check only permissions, inode, user and group for etc |
14 |
/bin MyRule # apply the custom rule to the files in bin |
15 |
/sbin MyRule # apply the same custom rule to the files in sbin |
16 |
/var MyRule |
17 |
!/var/log/.* # ignore the log dir it changes too often |
18 |
!/var/spool/.* # ignore spool dirs as they change too often |
19 |
!/var/adm/utmp$ # ignore the file /var/adm/utmp |
20 |
<end/snip> |
21 |
|
22 |
I'd be curious if anyone has a more, gentoo-specific list tailored to royjrt |
23 |
gentoo servers or workstations, to generate the initial md5 records for a |
24 |
(newly installed) gentoo system. |
25 |
|
26 |
|
27 |
[1] http://aide.sourceforge.net/stable/manual.html |
28 |
|
29 |
|
30 |
TIA, |
31 |
James |