[Wolves] A modern AIDE equivalent
Simon Burke
simon at samandsimon.co.uk
Fri Oct 11 10:36:24 UTC 2024
Hi,
Thought the list has been a bit quiet, so I'd pose a work related question.
Can anyone recommend a modern equivalent to AIDE, or software that can do a reasonable job of monitoring files for changes/updates and notifying. We have fairly heavyweight things we can use, but I'm looking for something that's straightforward to manage.
We could just use git in theory, but a truly malicious agent could easily get around that.
For context we are replacing our old estate, and I've come across a vendor that was given root access to a few servers. Since they've had access there has been a rather ominous 'vi ~/.bash_history' in roots bash_history.
In this case I know its fairly innocuous, and not malicious. As it's someone whos trying to hide the fact that they don't know what they are doing.
But it does raise the question of how we best keep track and/or protect services when people you don't necessarily fully trust have privileged access.
Thanks,
Simon.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.lug.org.uk/pipermail/wolves/attachments/20241011/43d9b498/attachment.htm>
More information about the Wolves
mailing list