Archive for the tag 'AIDE'

AIDE - Build, Store, and Test Database

Generate a new database:

# /usr/sbin/aide –init

By default, the database will be written to the file /var/lib/aide/aide.db.new.gz.

The database, as well as the configuration file /etc/aide.conf and the binary /usr/sbin/aide (or hashes of these files) should be copied and stored in a secure location. Storing these copies or hashes on read-only media may provide further confidence that they will not be altered.

Install the newly-generated database:

# cp /var/lib/aide/aide.db.new.gz /var/lib/aide/aide.db.gz

Run a manual check:

# /usr/sbin/aide –check

If this check produces any unexpected output, investigate.

SBDavid

Install AIDE

Install AIDE

AIDE is not installed by default. Install it with the command:

# yum install aide


Customize Configuration File

Customize /etc/aide.conf to meet your requirements. The default configuration is acceptable for many environments.

The man page aide.conf(5) provides detailed information about the configuration file format.