On Fri, Dec 5, 2008 at 3:35 PM, Scott Ullrich <[EMAIL PROTECTED]> wrote: > On Fri, Dec 5, 2008 at 3:10 PM, <[EMAIL PROTECTED]> wrote: >> Hi, >> >> as i am investigating monitoring solutions at the moment i came up with an >> idea, somebody has already implemented: >> >> what about regulary getting the config.xml (not bad as backup as well) and >> checking it against a former - good known config - configfile. >> You'd notice then a change either in case of a compromise or even when >> another admin did sth. without notifying... >> >> What are your opinions how to do this... would be nice if you would share >> some code.. > > While it is not the same exact thing, commercial support customers > have access to our automated encrypted remote backup package which > encrypts config.xml and backs it up to the BSD Perimeter servers. > All configurations are available and you can quickly look at the > descriptions to see what changed and when. >
Along those lines - one of the "in the future" items on the list for the autoconfigbackup is an option to email when the configuration changes. For some environments that would be nothing more than an annoyance, but could be useful for others where things should only very rarely change. Even though the config is encrypted and unreadable, we can still tell if it's different. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] Commercial support available - https://portal.pfsense.org
