andy baxter schrieb:
andy baxter wrote:
[... I'm planning to ...]
- use aide to check the system files regularly. The way I'm thinking
of doing this is to put a bootable debian image (with aide installed)
on a flash disk, then every week or so boot my laptop from this with
the slug's usb hard drive plugged into the laptop as well, and check
the system using aide that way. Then install any updates, then
calculate the checksums again and store them on the flash disk (which
I would never use for any other purpose). This is putting me off
somewhat, as I was doing something similar with another server I had
a while back, and it was a fair bit of hassle to keep it up every
week. So it would be good to know if this is overkill, or a sensible
thing to do?
Thanks to those who replied about ssh config. Would be good to know
more about whether it's worth setting up aide for a small home server
like this, and if the way I'm thinking of doing it is OK. My main
worry isn't someone reading my files, which aren't desperately secret,
it's that I don't want to hassle of having to reinstall after being
cracked, and I don't want to become part of someone else's botnet.
It depends on you. I'd think that it's enough if you watch the processes
running on your server from time to time, check it with rkhunter or
something similar and keep an eye on your logs (via logcheck for
example). You also can chroot your webserver. For me, using something
like aide would be a bit too much for a small personal server.
martin
andy
--
To UNSUBSCRIBE, email to [email protected]
with a subject of "unsubscribe". Trouble? Contact [email protected]
