On Saturday, May 9, 2015, Nikhil Sole <[email protected]> wrote: > Thanks Marc, > > I had ended up ignoring these two files: > !/var/lib/aide/aide.db > !/var/lib/aide/aide.db.new > > But I think your suggestion of adding custom rules for these two files > seems like a better approach. > > Thanks, > Nikhil >
Nikhil, Bear in mind that those rules negate AIDE's ability to detect changes that an intruder might make. All the intruder has to do is generate a new aide.db to cover his tracks. On the other hand, if your only concern is data integrity, without intrusion detection, then carry on. Regards, Keith Constable
_______________________________________________ Aide mailing list [email protected] https://mailman.cs.tut.fi/mailman/listinfo/aide
