Tiny Core Base > TCB Tips & Tricks

Tiny Core files protection

<< < (2/2)

netnomad:
hi friends,

perhaps AIDE is the right tool for you, the program is small (less than 1mb),lean and clean.
give it a try! i would be very pleased to find it in the rep one day :)
aide compares all changes to a database and reports them per mail.

http://aide.sourceforge.net/
AIDE is an intrusion detection system that detects changes to files on the local system. It creates a database from the regular expression rules that it finds from the config file. Once this database is initialized it can be used to verify the integrity of the files. It has several message digest algorithms (md5, sha1, rmd160, tiger, haval, etc.) that are used to check the integrity of the file. More algorithms can be added with relative ease. All of the usual file attributes can also be checked for inconsistencies.

for online monitoring i can recommend you inotify:
http://forum.tinycorelinux.net/index.php/topic,14113.0.html

keep on digging.

Rich:
Hi etopeter
First you want to select the files you wish to protect from changes. Besides binaries, don't forget conf files.
Next you need to decide what action to take if one of those files gets modified. Most binaries and stock conf
files can be restored by simply rebooting. Your initrd and vmlinuz need to be handled separately. You
might package backup copies in a tcz. Upon detecting a change, load the tcz and copy them to their
default locations and then reboot. You also need to plan your backup strategy. If you have a conf file you've
customized and it gets modified, you don't want to run a backup on it before rebooting. If you have work
files in your home directory that you back up, you may wish to devise a way to back them up without backing
up system settings should they get modified.

Navigation

[0] Message Index

[*] Previous page