Comments on Linux Security Notes - AIDE File Integrity

AIDE (Advanced Intrusion Detection Environment) is a tool for checking file integrity. It is an open-source substitute for Tripwire. It takes snapshots of the stats of all the major configuration files, binaries and libraries, and helps to find which binaries have been changed if the system is compromised.

Comments

By: vijay

Fantastic post Kiranjith. Well explained and also in-depth.

Thank you and keep posting more and more.

By: Anonymous

One crucial thing is missing and that is:

aide --init will create the new database as /var/lib/aide/aide.db.new. You need to copy/move /var/lib/aide/aide.db.new to /var/lib/aide/aide.db when you do --init to initialize the db and after each subsequent --update. You can change these locations/files in the config file.

which prevents this error:

Couldn't open file /var/lib/aide/aide.db for reading

By: Anonymous

Actually it should be /var/lib/aide/aide.db.gz.

It is all defined in /etc/aide.conf

    database=; database_out=; database_new=
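
The step discussed in the comments above, as an added example that is not part of the original article or of any commenter's post: it reads the `database` and `database_out` paths from the AIDE config instead of hard-coding them, then moves the newly written database into the place AIDE reads from. The function names are hypothetical, and it assumes `file:` URLs and the `@@define NAME value` / `@@{NAME}` macro syntax in the config.

```shell
#!/usr/bin/env bash
# Added example: hypothetical helpers, not part of AIDE itself.

# Print the file path configured for key $2 (database or database_out) in
# config file $1, expanding "@@define NAME value" macros written as @@{NAME}.
aide_db_path() {
    awk -v key="$2" '
        $1 == "@@define" { macro[$2] = $3; next }
        /^[ \t]*#/       { next }
        {
            line = $0
            sub(/^[ \t]+/, "", line)
            if (index(line, key "=") != 1) next   # "database=" must not match "database_out="
            val = substr(line, length(key) + 2)
            sub(/^[ \t]*file:/, "", val)          # assumption: only file: URLs are handled
            sub(/[ \t]+$/, "", val)
            for (name in macro) {
                tok = "@@{" name "}"
                while ((i = index(val, tok)) > 0)
                    val = substr(val, 1, i - 1) macro[name] substr(val, i + length(tok))
            }
            print val
            exit
        }' "$1"
}

# Move database_out over database, as described for after --init and after
# each --update. Returns 1 if no new database has been written yet, so an
# existing baseline is never replaced by an empty or missing file.
aide_promote_db() {
    conf=$1
    db=$(aide_db_path "$conf" database)
    out=$(aide_db_path "$conf" database_out)
    if [ -z "$db" ] || [ -z "$out" ]; then
        echo "database/database_out not found in $conf" >&2
        return 2
    fi
    if [ ! -s "$out" ]; then
        echo "no new database at $out; run aide --init or --update first" >&2
        return 1
    fi
    mv -f -- "$out" "$db" && echo "promoted $out -> $db"
}
```

Call it as `aide_promote_db /etc/aide.conf` after `aide --init` or `aide --update`; it needs write access to the database directory.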