aboutsummaryrefslogtreecommitdiff
path: root/system/aide/README.Slackware
diff options
context:
space:
mode:
authorAndy Bailey <bailey@akamai.com>2010-10-24 22:27:37 -0400
committerErik Hanson <erik@slackbuilds.org>2010-10-25 07:55:11 -0500
commita19c42d298d1568ea25ff4c84de00f018544a183 (patch)
tree5fcb6e50863cde91eefb8883350df3f5629bde28 /system/aide/README.Slackware
parentaab7d6402a473fbcbc95ecc14490fbb9454d1f09 (diff)
system/aide: Added (Advanced Intrusion Detection Environment)
Signed-off-by: dsomero <xgizzmo@slackbuilds.org>
Diffstat (limited to 'system/aide/README.Slackware')
-rw-r--r--system/aide/README.Slackware32
1 files changed, 32 insertions, 0 deletions
diff --git a/system/aide/README.Slackware b/system/aide/README.Slackware
new file mode 100644
index 0000000000000..7ae3bfbc90059
--- /dev/null
+++ b/system/aide/README.Slackware
@@ -0,0 +1,32 @@
+I suggest that you start with the example below, use it for a few weeks,
+and tune it to accommodate your habits.
+
+The media containing your aide databases should be physically
+unmounted between scans. Alternatively, see /usr/doc/aide-$VERSION/contrib
+for some example scripts that will help you gpg sign your database, for
+online storage.
+
+=== /etc/aide.conf sample ===
+database=file:/mnt/usb/aide.db
+database_out=file:/mnt/usb/aide.db.new
+gzip_dbout=yes
+
+/etc/ld.so.cache p+ftype+l+u+g
+/etc/ntp/drift p+ftype+l+u+g
+
+/boot R
+/etc R
+/bin R
+/lib R
+/usr/lib R
+/usr/libexec R
+/usr/lib64 R
+/lib64 R
+/usr/bin R
+/usr/local/bin R
+/sbin R
+/usr/sbin R
+/usr/local/sbin R
+=/var/log R
+
+