Linux

rpm -V and prelinked binaries

I'v been asked this question a few times over the last year or so, so I thought I would explain some of why you might see some issues on a Fedora or Red Hat Enterprise Linux system (or any other Linux distribution that uses prelinked binaries) when trying to track down strange MD5/SHA1 changes to binaries.

By default, and for nearly a decade now, prelink has shipped with Red Hat Enterprise Linux and Fedora. What ...

Read More

Linux

AIDE+gpg 1.0.4 released

I've just released AIDE+gpg 1.0.4, which adds support for signing and verifying signatures on the AIDE binary itself (/usr/sbin/aide), and on the AIDE configuration file (/etc/aide.conf). Thanks to George Notaras for giving me the suggestion.

Apparently someone other than myself uses these scripts. =) AIDE+gpg is a set of scripts to make AIDE more like Tripwire in that the database is cryptographically signed (with gpg) so you can be alerted as to whether ...

Read More

Linux

AIDE+gpg 1.0.2 released

As part of my work migrating to Red Hat Enterprise Linux 6, I found that AIDE+gpg does not work with GnuPG2 (previously, Red Hat Enterprise Linux 5 and Annvix only used GnuPG version 1). The AIDE+gpg scripts now work with GnuPG version 2, and a new version is available from the AIDE+gpg project page.

I don't know if anyone other than myself uses this, but it's a set of scripts to make AIDE more ...

Read More