Pedro Sanchez wrote: > Hello, > > recentily we have a problem with one of our machines, that has aide > installled. > He have this version Aide 0.13.1 > A trojan was installed using a software vulnerability in a domain. > This software was inside a directory named ... ( three following points) > This name makes the directory invisible for aide, so we have no > knowing of this filesystem modification. > Is there any way to path aide to sove this or it is solved in a newer release > ? > > Thank you very much.
Hi, I can't reproduce that with debian testing and aide version 0.14. A new file evil in the directory /tmp/... is reported as expected: --------------------------------------------------- Added files: --------------------------------------------------- f+++++++++++++++: /tmp/.../evil --------------------------------------------------- Changed files: --------------------------------------------------- d >.... mc.. .. : /tmp/... Greetings, Hannes _______________________________________________ Aide mailing list [email protected] https://mailman.cs.tut.fi/mailman/listinfo/aide
