Le 28/01/2020 à 22:13, Stefan Hornburg (Racke) a écrit :
> On 1/26/20 3:11 PM, Shifa Shaikh wrote:
>> Dick Hi,
>>
>> My requirement is not about configuring a webserver.
>>
>> It is to maintain a check on a set of files. If the file changes by checksum or permissions I wish to trigger an alert.
>>
>> Thus, my ansible will stat the file and then compare the checksum and mode that was previously stored in the
>> include_vars file.
>>
>> If they match we are good else we will trigger an alert.
>>
>> Thus, I want to understand if my approach/format of storing mode and checksum information for all files on all servers
>> good? if not please propose how should i design the include_vars files so I could read the checksum and mode of a file
>> on a particular IP.
> Why don't use an existing checksum tool (e.g Google for linux ids checksum tools) ?
>
> Regards
> Racke
Hi,
As said by Racke, why not using a tool designed for it like these (there
are available for other distro) :
https://doc.ubuntu-fr.org/rootkit
Another way to make some controls is to use package tools with some
options....
dpkg --verify or rpm -Va can be interesting to use....
Regards,
JYL