Ingo Schwarze wrote:
Agreed. Even storing hashes off site it wouldn't be difficult to get around this system. But I do find it extremely useful for keeping track of system changes.By the way, in case you are looking for serious intrusion detection, you should not rely on /etc/security anyway, but install (and maintain!) some real intrusion detection system.Yours, Ingo
What real IDS would people here recommend? Mike
