aide-software:aide
Ceci est une ancienne révision du document !
AIDE (Advanced Intrusion Detection Environment)
# apt-get update && apt-get install aide
Change destination mail if not root
# vi /etc/default/aide MAILTO=
# aideinit
Install new db as reference
# cp /var/lib/aide/aide.db.new /var/lib/aide/aide.db
Manual check
# aide -c /etc/aide/aide.conf --check
Manual update
# aide -c /etc/aide/aide.conf --update
On files/conf changes :
# aideinit # cp /var/lib/aide/aide.db.new /var/lib/aide/aide.db # aide -c /etc/aide/aide.conf --check
aide.conf defines change patterns, ex : Directories that change their contents during system operation
VarDir = OwnerMode+n+i+X
then you find exceptions in dir /etc/aide/aide.conf.d warning : when error is present in configuration files, the parser not always point them…
aide-software/aide.1536656001.txt.gz · Dernière modification : 2018/09/11 08:53 de ronan