Re: Using aide for detection

2003-12-07 Thread Alvin Oga
On Sun, 7 Dec 2003, ScruLoose wrote:

> On Fri, Dec 05, 2003 at 09:36:07AM -0800, Bill Moseley wrote:
>
> > 1) For a machine that doesn't have a cdrom and/or is physically
> > available to me, is there any other trick to make sure the database is
> > secure? The machine I'm thinking about doe

Re: Using aide for detection

2003-12-06 Thread Bill Moseley
On Sun, Dec 07, 2003 at 12:34:20AM -0500, ScruLoose wrote:

> > 3) What if an attacker that broke into the machine simply disables the
> > cron job for aide? How would that be detected?
>
> When you don't get the daily report, start worrying. I guess. I try to watch for them, but after 100 da

Re: Using aide for detection

2003-12-06 Thread ScruLoose
On Fri, Dec 05, 2003 at 09:36:07AM -0800, Bill Moseley wrote:

> 1) For a machine that doesn't have a cdrom and/or is physically
> available to me, is there any other trick to make sure the database is
> secure? The machine I'm thinking about doesn't have nfs mounts
> available to it, either.

Re: Using aide for detection

2003-12-06 Thread Hoyt Bailey
- Original Message -
From: "Bill Moseley" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Friday, December 05, 2003 11:36
Subject: Using aide for detection

> A few questions about actually using the aide package:
>
> I asked before about using

Using aide for detection

2003-12-05 Thread Bill Moseley
A few questions about actually using the aide package:

I asked before about using the aide package. The default installation places the database (and the binary for that matter) in a place where they can be modified. Someone recommended making the file immutable. From googling it seems that it