On Friday, 2003-12-12 at 12:39:49 +0100, Adam ENDRODI wrote: > On Fri, Dec 12, 2003 at 07:46:38AM +0100, Lupe Christoph wrote:
> > We don't use AIDE exclusively at a client site, but in combination > > with Tripwire. We think tripwire is a little more secure becuse it > > uses signed databases. > Perhaps the following ./configure options will prove themselves > useful: > --with-confighmactype=TYPE Hash type to use for checking config. > Valid values are md5 and sha1. > --with-confighmackey=KEY HMAC hash key to use for checking config. > Must be a base64 encoded byte stream. > Maximum string length is 31 chars. > --with-dbhmactype=TYPE Hash type to use for checking db. > Valid values are md5 and sha1. > --with-dbhmackey=KEY HMAC hash key to use for checking db. > Must be a base64 encoded byte stream. > Maximum string lentgth is 31 chars. > --enable-forced_configmd Forces the config to have checksum. > Also disables --config-check > --enable-forced_dbmd Forces the file/pipe database's to have checksum. > This will be the default in the next release. Well, I went by what is said on the website http://www.cs.tut.fi/~rammer/aide.html > Future plans > ... > o Encrypted and signed database Before I start investigating this and spend a lot of time I don't have, can you explain what Aide does when I use those configure options? BTW, the Debian package does not use them. There is no bug filed about this. Should we? > bit, That's a miss on my acronym cache. Please expand ;-) Thanks, Lupe Christoph -- | [EMAIL PROTECTED] | http://www.lupe-christoph.de/ | | "Violence is the resort of the violent" Lu Tze | | "Thief of Time", Terry Pratchett | -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
