Tuesday, January 15, 2008

Install AIDE(Advanced Intrusion Detection Environment)

What is AIDE?

AIDE (Advanced Intrusion Detection Environment) is a free replacement for Tripwire. It does the same things as the semi-free Tripwire and more.It creates a database from the regular expression rules that it finds from the config file. Once this database is initialized it can be used to verify the integrity of the files. It has several message digest algorithms (md5,sha1,rmd160,tiger,haval,etc.) that are used to check the integrity of the file. More algorithms can be added with relative ease. All of the usual file attributes can also be checked for inconsistencies. It can read databases from older or newer versions.

Installaion
----------

1)Download it from

http://downloads.sourceforge.net/aide/
The latest version is 0.13.1. It can be found at sourceforge.net

wget http://downloads.sourceforge.net/aide/aide-0.13.1.tar.gz?modtime=1166191347&big_mirror=0

2)cd
aide-0.13.1.tar.gz
3)./configure
4)make
5)make install

If you are getting any libcrypt error, please do

yum install *crypt* ----not a real solution. Because I have tried every other possibilities. But this one gives me the luck.

What platform does AIDE run on?

Basically AIDE runs on any moderns Unix. Below is a list of platforms people are actually running AIDE on (That I know of). Please let me know if you are running aide on something else.

  • Solaris 2.5.1,2.6,7,8,9,10
  • Linux 2.x
  • FreeBSD 2.2.8,3.4
  • Unixware 7.0.1
  • BSDi 4.1
  • OpenBSD 2.6,3.0
  • AIX 4.2
  • TRU64 4.0x
  • HP-UX 11i
  • Cygwin




No comments: