dragonheart at gentoo
Sep 18, 2004, 5:56 PM
Post #2 of 3
(486 views)
Permalink
|
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
aide-0.10_p20040917 has been commited to portage. This is based of the cvs
snapshot and includes a postgres patch (slightly modified from the patch
submitted by Joshua Schmidlkofer in bug #37007).
This should fix bugs 23764, 37007, and 62194.
On Thu, 29 Apr 2004 12:43 am, Jason R. Wallace wrote:
> I recently installed AIDE. 'aide -v' shows...
>
> Aide, version 0.10
> Compiled with the following options
> WITH_GCRYPT
> WITH_MHASH
> CONFIG_FILE = "/etc/aide/aide.conf"
>
>
> Here is my aide.conf...
>
> I find when I do an 'aide -C' that I have a lot of entries like...
>
> open_dir():Not a directory: /home/.keep
> open_dir():Not a directory: /home/wallacej/work/test.txt
> open_dir():Not a directory: /home/wallacej/work/script
> open_dir():Not a directory: /home/wallacej/make.conf
> open_dir():Not a directory: /home/wallacej/.bashrc
> open_dir():Not a directory: /home/wallacej/.config
>
> They are all related to the /home dir, so I believe Something is wrong
> with my '=@@{TOPDIR}home.* Norm' statement. Anyone see what is wrong?
> For /home all I want to do is check that the permissions/owner are good
> and that no new dir/files have been made in /home.
I hope you've solved this.
>
> Also what is the benefit of doing both md5 and sha1? Shouldn't just one
> of them be sufficient?
sha1 is a stronger, less forgeable hash. If they are diffent algorithms the
likelyhood of making a modification to a file that results in the same hash
for both is a lot less.
- --
Daniel Black <dragonheart [at] gentoo>
Gentoo Forensics Herd
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)
iD8DBQFBTNlDhhpKunZncJcRAg6OAJ4yLPQcULc/xBJPpe1os6PVpo26LgCgqc4u
+fjOEcKsw4jUeTwyb7Yi608=
=/2KL
-----END PGP SIGNATURE-----
--
gentoo-security [at] gentoo mailing list
|
