cisagov / Malcolm

Malcolm is a powerful, easily deployable network traffic analysis tool suite for full packet capture artifacts (PCAP files), Zeek logs and Suricata alerts.
https://cisagov.github.io/Malcolm/

AIDE false positives in ISO-installed Hedgehog and Malcolm #480

Open mmguero opened 2 weeks ago

mmguero commented 2 weeks ago

@mmguero cloned issue idaholab/Malcolm#106 on 2022-07-13:

I thought I had this worked out, but apparently not. There are some false positives that need to be handled in the AIDE configuration (Malcolm, Hedgehog) in the ISO-installed versions of these tools.

mmguero commented 2 weeks ago

@mmguero commented on 2022-08-03:

Hmmm, not seeing this now. I'm going to leave this open to check later on the next release.