diff options
author | Andy Bailey <bailey@akamai.com> | 2010-10-24 22:27:37 -0400 |
---|---|---|
committer | Erik Hanson <erik@slackbuilds.org> | 2010-10-25 07:55:11 -0500 |
commit | a19c42d298d1568ea25ff4c84de00f018544a183 (patch) | |
tree | 5fcb6e50863cde91eefb8883350df3f5629bde28 /system/aide/README.Slackware | |
parent | aab7d6402a473fbcbc95ecc14490fbb9454d1f09 (diff) |
system/aide: Added (Advanced Intrusion Detection Environment)
Signed-off-by: dsomero <xgizzmo@slackbuilds.org>
Diffstat (limited to 'system/aide/README.Slackware')
-rw-r--r-- | system/aide/README.Slackware | 32 |
1 files changed, 32 insertions, 0 deletions
diff --git a/system/aide/README.Slackware b/system/aide/README.Slackware new file mode 100644 index 0000000000000..7ae3bfbc90059 --- /dev/null +++ b/system/aide/README.Slackware @@ -0,0 +1,32 @@ +I suggest that you start with the example below, use it for a few weeks, +and tune it to accommodate your habits. + +The media containing your aide databases should be physically +unmounted between scans. Alternatively, see /usr/doc/aide-$VERSION/contrib +for some example scripts that will help you gpg sign your database, for +online storage. + +=== /etc/aide.conf sample === +database=file:/mnt/usb/aide.db +database_out=file:/mnt/usb/aide.db.new +gzip_dbout=yes + +/etc/ld.so.cache p+ftype+l+u+g +/etc/ntp/drift p+ftype+l+u+g + +/boot R +/etc R +/bin R +/lib R +/usr/lib R +/usr/libexec R +/usr/lib64 R +/lib64 R +/usr/bin R +/usr/local/bin R +/sbin R +/usr/sbin R +/usr/local/sbin R +=/var/log R + + |