[CentOS] AIDE or OSSEC on CentOS 5.4 x86_64?
Karanbir Singh
mail-lists at karan.orgMon Nov 30 08:14:49 UTC 2009
- Previous message: [CentOS] AIDE or OSSEC on CentOS 5.4 x86_64?
- Next message: [CentOS] AIDE or OSSEC on CentOS 5.4 x86_64?
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Hi Ian, On 11/30/2009 01:07 AM, Ian Forde wrote: >> I still want to see the changes, but it would be nice to see the >> ones I >> authorized through the update service to be partitioned off from the >> ones that seem to have no reasonable explanation. > > Seems to be that a yum plugin could be written that would accomplish > this. Consider - it would only allow signed rpm updates, and ask for > permission (or use a key) to update to LIDS database... You are mostly on the right track, however, that wont work across the whole machine. imho, the magic potion is to offload the machine state elese where and use the compare-with-pre-state on a different 'central' machine. Where knowledge like pacakge-ver and package-payload can also be tracked. - KB
- Previous message: [CentOS] AIDE or OSSEC on CentOS 5.4 x86_64?
- Next message: [CentOS] AIDE or OSSEC on CentOS 5.4 x86_64?
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
More information about the CentOS mailing list