Added a comment: intrusion detection?

author: https://www.google.com/accounts/o8/id?id=AItOawnZJhzx-nwZRTgh9kjy2Q8zKYsgTLNM2zc <Evan@web> 2015-04-10 20:32:40 +0000
committer: admin <admin@branchable.com> 2015-04-10 20:32:40 +0000
commit: 56811d56433aa11945b99eba1ae65d5b3e525ba6 (patch)
tree: af4b4b4f56ef2e9a978927f305364667606f4551 /doc
parent: c6c6110fccd80268d3404046519efbc9e6e590b4 (diff)
1 files changed, 10 insertions, 0 deletions
diff --git a/doc/todo/track_multiple_directories/comment_6_bedb701e0175b2d3833041f2f496d3aa._comment b/doc/todo/track_multiple_directories/comment_6_bedb701e0175b2d3833041f2f496d3aa._comment
new file mode 100644
index 0000000..f5d9831
--- /dev/null
+++ b/doc/todo/track_multiple_directories/comment_6_bedb701e0175b2d3833041f2f496d3aa._comment
@@ -0,0 +1,10 @@
+[[!comment format=mdwn
+ username="https://www.google.com/accounts/o8/id?id=AItOawnZJhzx-nwZRTgh9kjy2Q8zKYsgTLNM2zc"
+ nickname="Evan"
+ subject="intrusion detection?"
+ date="2015-04-10T20:32:40Z"
+ content="""
+It seems to me that this would be particularly useful for narrowly scoped intrusion detection.
+
+For example, if I have an installed instance of a popular web app (Wordpress, Django, what have you) that is compromised (SQL injection, brute force, etcetera), every part of that app may become suspect even after the initial vulnerability is patched...in which case, a versioned log of what files were changed within the app directory(s) would be *extremely* useful.
+"""]]
author	https://www.google.com/accounts/o8/id?id=AItOawnZJhzx-nwZRTgh9kjy2Q8zKYsgTLNM2zc <Evan@web>	2015-04-10 20:32:40 +0000
committer	admin <admin@branchable.com>	2015-04-10 20:32:40 +0000
commit	56811d56433aa11945b99eba1ae65d5b3e525ba6 (patch)
tree	af4b4b4f56ef2e9a978927f305364667606f4551 /doc
parent	c6c6110fccd80268d3404046519efbc9e6e590b4 (diff)