From owner-freebsd-questions Sun Aug 11 3:30:58 2002 Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 9E73037B400 for ; Sun, 11 Aug 2002 03:30:54 -0700 (PDT) Received: from colossus.systems.pipex.net (colossus.systems.pipex.net [62.241.160.73]) by mx1.FreeBSD.org (Postfix) with ESMTP id D519443E3B for ; Sun, 11 Aug 2002 03:30:53 -0700 (PDT) (envelope-from stacey@Demon.vickiandstacey.com) Received: from Demon (81-86-129-77.dsl.pipex.com [81.86.129.77]) by colossus.systems.pipex.net (Postfix) with ESMTP id 360FA16000560; Sun, 11 Aug 2002 11:30:51 +0100 (BST) Subject: Re: aide-0.7_1 docs? From: Stacey Roberts Reply-To: sroberts@dsl.pipex.com To: Volker Kindermann Cc: sroberts@dsl.pipex.com, FreeBSD Questions In-Reply-To: <20020811115009.01fa251a.freebsd@secspace.de> References: <20020810180914.Y9801-100000@x1-6-00-80-c8-3a-b8-46> <1029018608.38776.126.camel@Demon.vickiandstacey.com> <20020811115009.01fa251a.freebsd@secspace.de> Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="=-13Vhh+OpcGp8GMQPIn4+" X-Mailer: Ximian Evolution 1.0.8 Date: 11 Aug 2002 11:31:44 +0100 Message-Id: <1029061905.38776.139.camel@Demon.vickiandstacey.com> Mime-Version: 1.0 Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG --=-13Vhh+OpcGp8GMQPIn4+ Content-Type: text/plain Content-Transfer-Encoding: quoted-printable Hi Volker, Thanks for the your thoughts and suggestions. I've not looked at the aide docs (as suggested by Dru earlier in the post), and it looks as if I'll only be able to find the URL for the aide docs *after* installing the thing - not happy with that! I'll take a look at samhain today - one thing, is it compatible with FBSD 4.6Stable? Stacey On Sun, 2002-08-11 at 10:50, Volker Kindermann wrote: > Hi Stacey, >=20 > > I used to use tripwire, but found that it didn't *really* do what I > > thought it would (which is provide real-time notification of intrusion > > attempts / hacks). >=20 > I know tripwire and I think it is not intended to do real-time monitoring= . I don't know aide but I can imagine that it don't have real-time monitori= ng, too. Please correct me, if I'm wrong. >=20 > Lately I found a tool called samhain (http://la-samhna.de/samhain/) that = is able to run as a daemon and therefore does some kind of real-time monito= ring. Perhaps you'll give it a try. >=20 > HTH > -volker >=20 --=20 Stacey Roberts B.Sc (HONS) Computer Science --=-13Vhh+OpcGp8GMQPIn4+ Content-Type: application/pgp-signature; name=signature.asc Content-Description: This is a digitally signed message part -----BEGIN PGP SIGNATURE----- Version: PGP 6.5.8 iQEVAwUAPVY9DZvQeubckvvXAQEcLQgApnk48fXfT2qcbfrWl/0kzPgPfp0mg5Mo H96Yx30KoIZl0eU1/cPsSK/Xl+J32bXO3Sj5Sb38sKR5XMi0vrivYw+c4p4qO3wv YzTV3A69srCaew5FUt6rmvt7DIB3+uP1WtqqxTZvpeT/UF2bdTSzdoskL1asXyiy gTJiPWKy3/ZiEldUARw/yur07tMwrKBpGJbozcG8j1tUkjSaGzQrEbFEYvgXyeGt XI2grdbK6f5TQFGeS3xpYyLw2IBXfHmJpHiGqxCDUPONUG5nipeAQx/tYcv6fe/9 czAwdAz+Zmfmb7ItmAwAYKQBf71joIMieeBApdQmm7ydkhyZguKzIQ== =PYEL -----END PGP SIGNATURE----- --=-13Vhh+OpcGp8GMQPIn4+-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message