afick components
It is the only mandatory component: Perl scripts, with many options, to be executed in a console.
It is composed of:
- afick.pl : the main script
- afickonfig.pl : a tool to configure afick
- afick_archive.pl : a tool to check/search/clean archive files
- afick_cron : a script to be executed by cron (UNIX)
- afick_planning.pl : a script to be executed by the service planning (Windows)
- set_planning.pl : a script to configure the service planning (Windows)
The default configuration sets up a daily (batch) run.
Afick's code is now too big, and is difficult to read and maintain. Afick 3 is a progressive rewrite, in object-oriented style, to get better code.
It is an optional component, which allows you to configure and run afick, and analyse the results, through a graphical interface in Perl/Tk. This is the natural interface for Windows users.
If you want higher security, you have to put the code and the database on read-only media.
This component contains the code and documentation to start this kind of architecture.
The webmin module allows you to configure and run afick, and analyse the results, from a remote computer with a web browser. It is a very common approach on UNIX, but it should also work on Windows.
Afick is a good tool: in case of attack, it will warn you, but probably late (on the next run, daily?).
On the anti-virus model, I am beginning to work on a resident tool, which should warn when a file is modified.
On Unix/Linux, I will use gamin (a File Alteration Monitor implementation), which asks the kernel to be woken up when a file is modified.
It is used in file managers (nautilus, konqueror ...) and in other security tools, such as fail2ban.
The code is just in a very early stage for now.