5.3
8.337
7.486
6.6
7.434
7.2
5.449
6.888
7.196
6.838
7.715
7.1
5.3
7.384
Artikel: Advanced Intrusion Detection Environment GudangMovies21 Rebahinxxi
- Source: Advanced Intrusion Detection Environment
The Advanced Intrusion Detection Environment (AIDE) was initially developed as a free replacement for Tripwire licensed under the terms of the GNU General Public License (GPL).
The primary developers are named as Rami Lehti and Pablo Virolainen, who are both associated with the Tampere University of Technology, along with Richard van den Berg, an independent Dutch security consultant. The project is used on many Unix-like systems as an inexpensive baseline control and rootkit detection system.
Functionality
AIDE takes a "snapshot" of the state of the system, register hashes, modification times, and other data regarding the files defined by the administrator. This "snapshot" is used to build a database that is saved and may be stored on an external device for safekeeping.
When the administrator wants to run an integrity test, the administrator places the previously built database in an accessible place and commands AIDE to compare the database against the real status of the system. Should a change have happened to the computer between the snapshot creation and the test, AIDE will detect it and report it to the administrator. Alternatively, AIDE can be configured to run on a schedule and report changes daily using scheduling technologies such as cron, which is the default behavior of the Debian AIDE package.
This is mainly useful for security purposes, given that any malicious change which could have happened inside the system would be reported by AIDE.
See also
Host-based intrusion detection system comparison
References
External links
Official website
AIDE Github project
AIDE online manpage
AIDE reference in Ubuntu wiki
OpenSUSE Security Guide chapter on AIDE
Kata Kunci Pencarian:
advanced intrusion detection environmentadvanced intrusion detection environment aideadvanced intrusion detection environment linuxadvanced intrusion detection environment (aide) detected potential changes to software on this systemadvanced intrusion detection environment ubuntuadvanced intrusion detection environment tutorialstealthwatch advanced intrusion detection environmentSearch ResultsArtikel Terkait "advanced intrusion detection environment"
AIDE (Advanced Intrusion Detection Environment, [eyd]) is a file and directory integrity checker. What does it do? It creates a database from the regular expression rules that it finds from the config file(s).
AIDE (Advanced Intrusion Detection Environment) is an intrusion detection program. More specifically a file integrity checker. AIDE constructs a database of the files specified in aide.conf, AIDE's configuration file.
