e3f7b12896
-- AIDE (Advanced Intrusion Detection Environment) is a free replacement for Tripwire. It does the same things as the semi-free Tripwire and more. What does it do? It creates a database from the regular expression rules that it finds from the config file. Once this database is initialized it can be used to verify the integrity of the files. It has several message digest algorithms (md5,sha1,rmd160,tiger,haval,etc.) that are used to check the integrity of the file. More algorithms can be added with relative ease. All of the usual file attributes can also be checked for inconsistencies. It can read databases from older or newer versions. See the manual pages within the distribution for further info. There is also a beginning of a manual. WWW: http://www.cs.tut.fi/~rammer/aide.html
99 lines
2.5 KiB
Plaintext
99 lines
2.5 KiB
Plaintext
$OpenBSD: patch-doc_aide_conf_in,v 1.1.1.1 2001/06/07 14:26:22 lebel Exp $
|
|
--- doc/aide.conf.in.orig Tue Jun 5 10:50:51 2001
|
|
+++ doc/aide.conf.in Tue Jun 5 10:51:44 2001
|
|
@@ -2,15 +2,6 @@
|
|
# AIDE @VERSION@
|
|
#
|
|
# example configuration file
|
|
-#
|
|
-# This configuration file checks the integrity of the
|
|
-# AIDE package
|
|
-#
|
|
-# Default values for the parameters are in comments before the
|
|
-# corresponding line.
|
|
-#
|
|
-
|
|
-@@define TOPDIR @top_srcdir@
|
|
|
|
@@ifndef TOPDIR
|
|
@@define TOPDIR /
|
|
@@ -34,12 +25,11 @@
|
|
|
|
# The location of the database to be read.
|
|
#database=file:aide.db
|
|
-database=file:@@{TOPDIR}/doc/aide.db
|
|
+database=file:/var/db/aide.db
|
|
|
|
# The location of the database to be written.
|
|
#database_out=sql:host:port:database:login_name:passwd:table
|
|
-#database_out=file:aide.db.new
|
|
-database_out=file:aide.db.new
|
|
+database_out=file:/var/db/aide.db.new
|
|
|
|
# Whether to gzip the output to database
|
|
# gzip_dbout=no
|
|
@@ -55,8 +45,6 @@ verbose=20
|
|
#NOT IMPLEMENTED report_url=syslog:LOG_AUTH
|
|
report_url=stdout
|
|
|
|
-# @@{TOPDIR} is replaced with @top_srcdir@ when
|
|
-# read by aide.
|
|
#p: permissions
|
|
#i: inode
|
|
#n: number of links
|
|
@@ -91,22 +79,37 @@ All=R+a+sha1+rmd160+tiger
|
|
# Attributes that can be used to verify that aide in intact
|
|
# by people that have downloaded it from the web.
|
|
# Let's be paranoid
|
|
-Norm=s+n+b+md5+sha1+rmd160+tiger
|
|
-
|
|
-# The commented rules are just examples the rest are used by
|
|
-# make check
|
|
+#Norm=s+n+b+md5+sha1+rmd160+tiger
|
|
|
|
-#Selection regexp rule
|
|
-@@{TOPDIR}/.* Norm
|
|
-#Equals selection only the directory doc is checked and not it's children
|
|
-#=@@{TOPDIR}/doc L
|
|
-#Negative selection no rule is necessary but ignored if there
|
|
-!@@{TOPDIR}/.*~
|
|
-!@@{TOPDIR}/src/.*\.o
|
|
-!@@{TOPDIR}/src/(aide|core) L
|
|
-!@@{TOPDIR}/.*RCS
|
|
-!@@{TOPDIR}/.*CVS
|
|
-!@@{TOPDIR}/.*aide\.db.*
|
|
-!@@{TOPDIR}/.*\.cvsignore.*
|
|
-# @@{TOPDIR}/doc/.* All
|
|
+=/$ R
|
|
+/bsd$ L+s+sha1
|
|
+/etc$ L+s+sha1
|
|
+
|
|
+# my passwd database should be static at time of system build. yours may
|
|
+# not be, if not, uncomment the lines below.
|
|
+
|
|
+#/etc/passwd L
|
|
+#/etc/master.passwd L
|
|
+#/etc/pwd.db L
|
|
+#/etc/spwd.db L
|
|
+
|
|
+# /home
|
|
+=/home$ R
|
|
+
|
|
+# /usr
|
|
+# /usr/bin
|
|
+/usr/bin R
|
|
+/usr/include R
|
|
+/usr/lib R
|
|
+/usr/libdata R
|
|
+/usr/libexec R
|
|
+/usr/local/bin R
|
|
+/usr/local/etc L+s+sha1
|
|
+/usr/local/lib R
|
|
+/usr/local/libexec R
|
|
+/usr/local/sbin R
|
|
+/usr/local/share R
|
|
+/usr/sbin R
|
|
+/usr/share R
|
|
|
|
+=/tmp$ L
|