Archive: openbsd@sikurezza.org
Subject: aide
From: goony
Date: 21 Jan 2002 18:33:20 -0000
Hi guys..
a question... does anyone use/know AIDE?
It's a nice little program similar to "Tripwire". I installed it
from ports on a 3.0 GENERIC. Using a basic configuration (which I
paste further down) I can't get it to work. To be precise: in theory it
should create in /var/db/aide.db the list of the files it initially checked.
But after trying again and again, nothing... the file stays empty. I have read
the man page, documents on the net, notes (http://www.appuntilinux.prosa.it/a2346.html)
but nothing.. the file stays empty and I get no errors.
Is anyone, or has anyone been, in the same situation as me?

aide.conf

#
# AIDE 0.7
#
# example configuration file

@@ifndef TOPDIR
@@define TOPDIR /
@@endif

@@ifdef DEBUG
@@define DEBUG ison
@@undef NOT_DEBUG
@@else
@@define NOT_DEBUG true
@@undef DEBUG
@@endif

@@ifhost freedom
@@define freedom yes
@@endif

@@ifnhost freedom
@@define freedom true
@@endif

# The location of the database to be read.
# File with the previously collected information
database=file:/var/db/aide.db

# The location of the database to be written.
#database_out=sql:host:port:database:login_name:passwd:table
database_out=file:/var/db/aide.db.new

# Whether to gzip the output to database
# gzip_dbout=no

#verbose=5
verbose=20

#report_url=stdout
#other possibilities
#report_url=stderr
#NOT IMPLEMENTED report_url=mailto:root@foo.com
#report_url=file:/tmp/some_file.txt
#NOT IMPLEMENTED report_url=syslog:LOG_AUTH
report_url=stdout

#p:     permissions
#i:     inode
#n:     number of links
#u:     user
#g:     group
#s:     size
#b:     block count
#m:     mtime
#a:     atime
#c:     ctime
#S:     check for growing size
#md5:   md5 checksum
#sha1:  sha1 checksum
#rmd160:     rmd160 checksum
#tiger:     tiger checksum
#R:     p+i+n+u+g+s+m+c+md5
#L:     p+i+n+u+g
#E:     Empty group
#>:     Growing logfile p+u+g+i+n+S
#The following are available if you have mhash support enabled.
#haval:         haval checksum
#gost:          gost checksum
#crc32:         crc32 checksum

# Rule definition
All=R+a+sha1+rmd160+tiger

# ignore_list is a special rule definition
# the attributes listed in it are not displayed in the
# final report

# Attributes that can be used to verify that aide is intact
# by people that have downloaded it from the web.
# Let's be paranoid 
Norm=s+n+b+md5+sha1+rmd160+tiger

=/$                     R
/bsd$                   L+s+sha1
/etc$                   L+s+sha1

# my passwd database should be static at time of system build.  yours may
# not be, if not, uncomment the lines below.

/etc/passwd             L
/etc/master.passwd      L
#/etc/pwd.db            L
#/etc/spwd.db           L

# /home
=/home$                 R

# /usr
# /usr/bin
/usr/bin                R   
/usr/include            R 
/usr/lib                R  
/usr/libdata            R
/usr/libexec            R
/usr/local/bin          R
/usr/local/etc          L+s+sha1
/usr/local/lib          R
/usr/local/libexec      R
/usr/local/sbin         R
/usr/local/share        R
/usr/sbin               R
/usr/share              R

=/tmp$                  L
---------------------------------------------

  thanks, goony

-- 
goony <goony@OpenBEER.it>
"Beer OpenBSD User Group" founder - http://www.OpenBEER.it
KeyID: 1024D/1CDA1B3D
Fingerprint: CDF5 5246 D424 CF61 0330  A516 93F9 4D38 1CDA 1B3D
GnuPG PubKey: http://www.OpenBEER.it/keys/goony.gpg
--

________________________________________________________
http://www.sikurezza.org - Italian Security Mailing List
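
Added example, not part of the original message and not AIDE's own code: the configuration above names one file for the database that is read (`database`) and a different one for the database that is written (`database_out`), and this shell sketch parses those two settings and reports the state of each file. The function names, verdict strings and scratch paths are made up for the example; `--init` and `--check` are AIDE's own modes.

```shell
#!/bin/sh
# Added example (not from the original post): report which file an aide.conf
# reads as its baseline, which file it writes, and the state of each.

# Print the path of the first uncommented "<key>=file:<path>" line.
aide_conf_path() {  # $1 = aide.conf, $2 = database | database_out
    sed -n "s|^[[:space:]]*$2[[:space:]]*=[[:space:]]*file:\([^[:space:]]*\).*|\1|p" "$1" | head -n 1
}

file_state() {  # prints: missing | empty | populated
    if [ ! -e "$1" ]; then echo missing
    elif [ ! -s "$1" ]; then echo empty
    else echo populated
    fi
}

# Print a one-word verdict for the configuration in $1 (details go to stderr).
aide_db_verdict() {
    db=$(aide_conf_path "$1" database)
    out=$(aide_conf_path "$1" database_out)
    [ -n "$db" ] && [ -n "$out" ] || { echo unparsed; return 0; }
    db_state=$(file_state "$db")
    out_state=$(file_state "$out")
    echo "read by --check:   $db [$db_state]" >&2
    echo "written by --init: $out [$out_state]" >&2
    if [ "$db" = "$out" ]; then echo same-file
    elif [ "$db_state" = populated ]; then echo baseline-present
    elif [ "$out_state" = populated ]; then echo init-output-not-installed
    else echo no-database-written
    fi
}

# Constructed demo: a scratch tree that mirrors the two settings in the post.
demo=$(mktemp -d)
cat > "$demo/aide.conf" <<EOF
# The location of the database to be read.
database=file:$demo/aide.db
#database_out=sql:host:port:database:login_name:passwd:table
database_out=file:$demo/aide.db.new
EOF
: > "$demo/aide.db"                             # empty, as described in the post
echo "constructed entry" > "$demo/aide.db.new"  # stands in for --init output
aide_db_verdict "$demo/aide.conf"               # prints init-output-not-installed
```

When the verdict is `init-output-not-installed`, the file written by `--init` still has to be copied or renamed to the `database` path by the administrator before `--check` has a baseline to compare against.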



