ubuntu:aide_advanced_intrusion_detection_environment
Differences
This shows you the differences between two versions of the page.
| Both sides previous revisionPrevious revisionNext revision | Previous revision | ||
| ubuntu:aide_advanced_intrusion_detection_environment [2020/05/13 18:11] – peter | ubuntu:aide_advanced_intrusion_detection_environment [2022/06/13 11:06] (current) – peter | ||
|---|---|---|---|
| Line 3: | Line 3: | ||
| **AIDE** (Advanced Intrusion Detection Environment) is an Intrusion Detection System (IDS). Which means that AIDE is not a tool to prevent an intrusion but is actually here to report that an intrusion might have happened. | **AIDE** (Advanced Intrusion Detection Environment) is an Intrusion Detection System (IDS). Which means that AIDE is not a tool to prevent an intrusion but is actually here to report that an intrusion might have happened. | ||
| - | AIDE can be used to help track file integrity. | + | * AIDE can be used to help track file integrity. |
| + | * AIDE stores a checksum of every file on the system with a choice of several hash methods. | ||
| + | * Periodically AIDE will compare the snapshot it has against each file to what the file is current reporting. | ||
| - | Periodically AIDE will compare the snapshot it has against each file to what the file is current reporting. | + | <WRAP info> |
| + | **NOTE: | ||
| + | </ | ||
| - | It is important to update the checksums that AIDE uses every now and then to ensure that they are kept up to date. | ||
| ---- | ---- | ||
| Line 19: | Line 22: | ||
| [[Ubuntu: | [[Ubuntu: | ||
| + | |||
| + | |||
ubuntu/aide_advanced_intrusion_detection_environment.1589389907.txt.gz · Last modified: 2020/07/15 10:30 (external edit)