Chapitre 9. Checking integrity with AIDE

PDF

Advanced Intrusion Detection Environment (AIDE) is a utility that creates a database of files on the system, and then uses that database to ensure file integrity and detect system intrusions.

9.1. Installing AIDE

The following steps are necessary to install AIDE and to initiate its database.

Conditions préalables

Le référentiel AppStream est activé.

Procédure

To install the aide package:
```
# dnf install aide
```
To generate an initial database:
```
# aide --init
```
Note
In the default configuration, the aide --init command checks just a set of directories and files defined in the /etc/aide.conf file. To include additional directories or files in the AIDE database, and to change their watched parameters, edit /etc/aide.conf accordingly.
To start using the database, remove the .new substring from the initial database file name:
```
# mv /var/lib/aide/aide.db.new.gz /var/lib/aide/aide.db.gz
```
To change the location of the AIDE database, edit the /etc/aide.conf file and modify the DBDIR value. For additional security, store the database, configuration, and the /usr/sbin/aide binary file in a secure location such as a read-only media.

Chapitre 9. Checking integrity with AIDE

9.1. Installing AIDE

Apprendre

Essayez, achetez et vendez

Communautés

À propos de la documentation Red Hat

Rendre l’open source plus inclusif

À propos de Red Hat

Red Hat legal and privacy links

Red Hat legal and privacy links