USAGE
first : create your config file
you have to choose which files/directories to monitor.
The package is delivered with 2 base config files :
- windows.conf : for Windows
- linux.conf : for ... Linux
you can also start from another tool's config (aide, tripwire)
second : initialize your database
use the -i option :
afick.pl -c configfile -i
third : compare it regularly
to search for unwanted changes :
use the compare (-k) or update (-u) command
afick.pl -c configfile -k
afick.pl -c configfile -u
my advice is to set up an automatic job :
- Linux/UNIX users should use cron : afick_cron
- Windows users should use a scheduled job : afick_planning.pl
fourth : update it manually after any change
to know exactly what an install does :
- run afick in update mode
- install/upgrade/remove your software
- re-run afick in update mode
absolute security
for absolute security :
- the database should be written on read-only media, so that a virus/trojan cannot change or erase it
- afick should be run from another clean operating system (some viruses may change commands and system calls), for example a live-cd
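
a related check, as an added example that is not part of afick or its documentation : before each compare, verify the working database against a SHA-256 digest kept on read-only media, and skip the compare if it no longer matches. All paths, the AFICK_BIN override and the digest file layout are assumptions made for this example.

```shell
#!/bin/sh
# Added example: run the afick compare only if the database still matches a
# reference digest kept on read-only media.
# Assumed, not taken from the afick documentation: every path below, the
# AFICK_BIN override, and a digest file holding the hex SHA-256 on line 1.
AFICK_BIN="${AFICK_BIN:-afick.pl}"
AFICK_CONF="${AFICK_CONF:-/etc/afick.conf}"
AFICK_DB="${AFICK_DB:-/var/lib/afick/afick}"
REF_DIGEST="${REF_DIGEST:-/mnt/readonly/afick.sha256}"

# Print the SHA-256 of a file as bare hex.
sha256_of() {
    if command -v sha256sum >/dev/null 2>&1; then
        sha256sum "$1" | awk '{print $1}'
    else
        shasum -a 256 "$1" | awk '{print $1}'
    fi
}

# 0 = database matches the reference, 1 = mismatch, 2 = a file is unreadable.
db_is_trusted() {
    db=$1
    ref=$2
    [ -r "$db" ] && [ -r "$ref" ] || return 2
    expected=$(awk 'NR==1 {print $1}' "$ref")
    actual=$(sha256_of "$db")
    [ -n "$expected" ] && [ "$expected" = "$actual" ]
}

# Compare (-k) against the database only after it passed the check.
guarded_compare() {
    if db_is_trusted "$AFICK_DB" "$REF_DIGEST"; then
        "$AFICK_BIN" -c "$AFICK_CONF" -k
    else
        rc=$?
        case $rc in
            1) echo "afick database differs from the read-only reference" >&2 ;;
            *) echo "afick database or reference digest is unreadable" >&2 ;;
        esac
        return "$rc"
    fi
}

# Run only when asked, so the file can also be sourced from a cron wrapper.
if [ "${1:-}" = "--run" ]; then
    guarded_compare
fi
```

after a legitimate update (-u), the digest on the read-only media has to be regenerated, otherwise every later compare is skipped.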