On Wed, Aug 28, 2013 at 02:53:01PM -1000, Mason Nakadomari wrote:
We figured that the removal of a checksum would help performance
No. aide is almost always disk-bound, computing the checksum happens
in negligible time on today's system. You're waiting for your disk,
nothing else.
Run aide with
Thanks the goal is monitor everything but to tailor it to the files and
system. So we fully intended to only monitor things like permissions for
files that change a lot or things like /dev. But we didn't think that
looking at them at all would cause such a hang up. We are even trying to
scan using
Hi we are using fibre channel and sas disks off a vmware cluster. So I'm
not sure that would be a problem. Any recommendations on what in particular
to exclude from /proc /sys /dev. We don't want to exclude all of those
directories. I will try to see if that is my problem.
On Aug 29, 2013 3:55 AM,
Meaning I will see if my scans go faster without those directories but I'd
still like to scan those directories in a way to make it faster. It
shouldn't be impossible to scan those directories should it?
On Aug 29, 2013 8:08 AM, Mason Nakadomari nakad...@hawaii.edu wrote:
Hi we are using fibre
On Thu, Aug 29, 2013 at 2:09 PM, Mason Nakadomari nakad...@hawaii.edu wrote:
Meaning I will see if my scans go faster without those directories but I'd
still
like to scan those directories in a way to make it faster. It shouldn't be
impossible
to scan those directories should it?
You can
On Thu, Aug 29, 2013 at 08:09:34AM -1000, Mason Nakadomari wrote:
Meaning I will see if my scans go faster without those directories but I'd
still like to scan those directories in a way to make it faster. It
shouldn't be impossible to scan those directories should it?
/proc and /sys - on
Thanks our group has some experience but we are relatively new to Red Hat
and we have some solaris experience. Its just that we are trying to be very
rigorous to meet security requirements. We have found we need something
tighter than the default settings. Is there a recommended tighter
I'm enacting some of your advice immediately thank you very much to the
both of you. I'll let you know my progress. I know I'm a rookie at this but
I appreciate the help.
On Thu, Aug 29, 2013 at 8:49 AM, Marc Haber mh+a...@zugschlus.de wrote:
On Thu, Aug 29, 2013 at 08:09:34AM -1000, Mason
