Re: File integrity checkers

From: David Douthitt (ddouthitt_at_cuna.coop)
Date: 05/19/04


Date: Wed, 19 May 2004 11:43:37 -0500

Roberto wrote:

> I've seen a few that are available (Tripwire, AIDE, Samhain,
> Integrit). Does somebody have any experience with them to say which
> one is better? Basically, what I need is something that can verify
> about 60-80 different machines (mainly Sun, Linux, Alphas, but a few
> others too), but from a centralized station.

Sounds like you need portability and centralized control.

Tripwire is the hands-down favorite and usually first mentioned, but the
open source version is currently lagging in maintenance and was dropped
by Red Hat from their Advanced Server 3 release and from the Fedora
Core. Others may be dropping Tripwire as well. I believe that Tripwire
doesn't support a centralized operation either.

I recently examined Samhain, which supports the centralized model, as
well as the traditional host-only model.

AIDE I don't know too well; it is the most often "second choice"
mentioned and appears to be the first choice for a Tripwire replacement.

However, in my estimation, Samhain is used most by large installations.
I'm currently seriously evaluating Samhain.

Realize, too, that Red Hat Advanced Server does not come with a
replacement for Tripwire. I don't know which of these have Solaris
support, or support for whatever the Alphas are running.

Note that whatever database you create has to be protected; I recommend
off-host storage and a read-only copy on CDROM.
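
The point about protecting the database, as an added example that is not part of the original post and is not code from Tripwire, AIDE, Samhain or Integrit: a minimal checker that refuses to use its baseline unless the baseline matches a digest kept off-host. The function names, the JSON database format and the sample files are assumptions made for illustration.

```python
import hashlib, hmac, json, tempfile
from pathlib import Path

def file_digest(path):
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()

def build_baseline(root):
    """Map each regular file under root (relative path) to its SHA-256."""
    return {str(p.relative_to(root)): file_digest(p)
            for p in Path(root).rglob("*") if p.is_file() and not p.is_symlink()}

def save_baseline(db, db_path):
    """Write the database; return its digest, which is what gets stored off-host."""
    Path(db_path).write_text(json.dumps(db, sort_keys=True))
    return file_digest(db_path)

def check(root, db_path, trusted_digest):
    """Verify the database against the off-host digest, then compare the tree."""
    raw = Path(db_path).read_bytes()  # read once: the bytes verified are the bytes parsed
    if not hmac.compare_digest(hashlib.sha256(raw).hexdigest(), trusted_digest):
        raise RuntimeError("baseline database differs from the trusted copy")
    old, new = json.loads(raw), build_baseline(root)
    return {"added": sorted(set(new) - set(old)),
            "removed": sorted(set(old) - set(new)),
            "changed": sorted(p for p in set(old) & set(new) if old[p] != new[p])}

def demo():
    """Constructed sample: one file changes, then the local database is rewritten."""
    with tempfile.TemporaryDirectory() as tmp:
        root, db_path = Path(tmp, "host"), Path(tmp, "baseline.json")
        root.mkdir()
        (root / "a.conf").write_bytes(b"v1")
        (root / "b.bin").write_bytes(b"v1")
        trusted = save_baseline(build_baseline(root), db_path)  # digest goes off-host
        (root / "b.bin").write_bytes(b"v2")
        report = check(root, db_path, trusted)
        save_baseline(build_baseline(root), db_path)  # database rewritten on the host
        try:
            check(root, db_path, trusted)
        except RuntimeError:
            return report, True
        return report, False

if __name__ == "__main__":
    print(demo())
```

The first check reports the modified file; the second fails because a database regenerated on the host no longer matches the digest held elsewhere, which is the case off-host or read-only storage is meant to catch.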


