Ubuntu system uses aide to check file integrity

Source: Internet
Author: User
Keywords Integrity checking files checksums for
Tags aliyun applied check check file checking checking files configuration file

Of the many methods that can be applied to http://www.aliyun.com/zixun/aggregation/13835.html ">ubuntu security", one is called File Integrity Monitoring (file integrity checking). The purpose of integrity monitoring and verification of critical system binaries and profiles is to ensure that these key files are not made unauthorized changes. Unauthorized changes to system-specific files are one of the manifestations of attack and endangerment activities on the system. File integrity monitoring is a positive way to make you aware of changes in the system's important files in a timely manner. Like most tools, there are many different applications in the GNU community that can be used to monitor and verify the integrity of your Ubuntu system files.

This guide will cover the installation, configuration, and use of some of these tools on the Ubuntu system.

Although there are many ways to monitor and verify the integrity of GNU system critical files Strictly, this guide only describes the tools called advanced intrusion detection environments.

However, other tools that can be used to monitor and verify file integrity are listed in the "Related Resources" section of this article. Browsing and using these tools is an exercise that readers can practice on their own.

AIDE

The "Advanced Intrusion Detection Environment" (AIDE) is a free software, a popular tripwire for file integrity checking tools. It establishes a database by reading a series of regular expressions in the configuration file, which can be used to validate the integrity of critical system files and some user-defined files when the database is initialized.

AIDE uses many popular information digest algorithms (MD5, SHA1, rmd160, Tiger, Haval, etc.) to check the integrity of the file. Additional algorithms are also easy to add. Consistency of all legacy file System Properties is also checked.

Installing AIDE

Before you install in terminal mode, make sure that your network is well connected, and then enter the following command in the terminal:

sudo apt install aide

Enter your password according to the system prompts, and if Ubuntu is validated, the aide installation package will be downloaded and automatically started. During the installation process, a configuration information window appears, prompting you to send a daily report to the root user by default, but you can modify it by editing the profile/etc/default/aide. Please press ENTER to confirm the message.

The system then asks you if you want to initialize the aide database now. Now, enter Yes and press ENTER. The next dialog box asks if you want to overwrite the existing database. If this is your first time installing aide, select Yes and press ENTER.

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.