How to install and secure egroupware - Directory UMM
How to install and secure egroupware - Directory UMM
How to install and secure egroupware - Directory UMM
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
6.1.6 Intrusion detection environment<br />
Install an intrusion detection environment <strong>to</strong> keep check of your system files’ integrity <strong>and</strong> <strong>to</strong> detect changes<br />
on your server.<br />
There are several solutions available for *nix based systems:<br />
AIDE<br />
Tripwire<br />
Samhain<br />
Of the three above, AIDE is the easiest <strong>to</strong> set up.<br />
6.1.6.1 Installing AIDE<br />
Most distributions have AIDE included <strong>and</strong> you can <strong>install</strong> it with a st<strong>and</strong>ard <strong>to</strong>ol like RPM or apt-get.<br />
AIDE depends on the mhash package, which you must <strong>install</strong> as well. When no package is available for your<br />
platform, you must compile it yourself with<br />
. /configure<br />
make<br />
make <strong>install</strong><br />
6.1.6.2 The AIDE configuration file aide.conf<br />
You must configure the aide.conf file so that all important files from your server are checked <strong>and</strong> <strong>to</strong> reduce<br />
false alarms.<br />
� S<strong>to</strong>re /etc/aide.conf, /usr/sbin/aide <strong>and</strong> /var/lib/aide/aide.db.gz in a <strong>secure</strong> location, e.g. on<br />
separate read-only media (such as CD-ROM). Alternatively, keep MD5 fingerprints or GPG signatures of<br />
those files in a <strong>secure</strong> location, so you have a means <strong>to</strong> verify that nobody has modified these files.<br />
# Example configuration file for AIDE.<br />
@@define DBDIR /var/lib/aide<br />
# The location of the database <strong>to</strong> be read.<br />
database=file:/mnt/floppy/aide.db.gz<br />
# The location of the database <strong>to</strong> be written.<br />
database_out=file:@@{DBDIR}/aide.db.new.gz<br />
# Whether <strong>to</strong> gzip the output <strong>to</strong> the database<br />
gzip_dbout=yes<br />
# Default.<br />
Reiner Jung Install <strong>and</strong> Secure eGroupWare Page 28 of 67