File System Detection Tool aide

Source: Internet
Author: User

AIDE (Advanced intrusion Detection Environment) is a program for checking the integrity of files and directories and is developed as a substitute for tripwire.


How aide Works

This tool is not too young, Tripwire said, it is easier to operate than the same tool. It needs to take a snapshot of the system, record the hash value, the modification time, and the administrator's preprocessing of the file. This snapshot allows the administrator to set up a database and store it on an external device for safekeeping.
When an administrator wants to perform an integrity check on the system, the administrator places the previously built database in a region that the current system can access, then compares the current system's state to the database with aide, and finally reports the changes to the current system to the administrator. In addition, the aide can be configured to run regularly, using scheduling technology such as cron, daily test report to the system.
This system is mainly used for operation and maintenance security detection, aide will report to the administrator all the malicious changes in the system.


Characteristics of Aide

Support Message digest algorithm: MD5, SHA1, rmd160, Tiger, CRC32, sha256, sha512, whirlpool

Support file properties: File type, file permissions, index node, uid,gid, link name, file size, block size, number of links, Mtime,ctime,atime

Support for POSIX acl,selinux,xattrs, extended file System Properties

Plain text configuration file, compact database

Powerful regular expression for easy filtering of files and directories to monitor

Support for GZIP database compression

Standalone binary statically compiled client/server monitoring configuration


This article is from the "Sanr" blog, make sure to keep this source http://0x007.blog.51cto.com/6330498/1699033

File System Detection Tool aide

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.