Differences

This shows you the differences between two versions of the page.

--- ubuntu:aide_advanced_intrusion_detection_environment [2019/11/25 22:11] – peter
+++ ubuntu:aide_advanced_intrusion_detection_environment [2022/06/13 10:06] (current) – peter
@@ Line 1: / Line 1: @@
 ====== AIDE (Advanced Intrusion Detection Environment) ======
-AIDE (Advanced Intrusion Detection Environment) is an Intrusion Detection System (IDS). Which means that AIDE is not a tool to prevent an intrusion but is actually here to report that an intrusion might have happened.
+**AIDE** (Advanced Intrusion Detection Environment) is an Intrusion Detection System (IDS). Which means that AIDE is not a tool to prevent an intrusion but is actually here to report that an intrusion might have happened.
-AIDE can be used to help track file integrity.  AIDE stores a checksum of every file on the system with a choice of several hash methods.
+  * AIDE can be used to help track file integrity.
+  * AIDE stores a checksum of every file on the system with a choice of several hash methods.
+  * Periodically AIDE will compare the snapshot it has against each file to what the file is current reporting.  If there is a difference then the file has changed.
-Periodically AIDE will compare the snapshot it has against each file to what the file is current reporting.  If there is a difference then the file has changed.
+<WRAP info>
+**NOTE:**  It is important to update the checksums that AIDE uses every now and then to ensure that they are kept up to date.
+</WRAP>
-It is important to update the checksums that AIDE uses every now and then to ensure that they are kept up to date.
 ----
@@ Line 19: / Line 22: @@
 [[Ubuntu:AIDE:AIDE not working|AIDE not working]]