====== AIDE (Advanced Intrusion Detection Environment) ====== ===== Links ===== * [[http://aide.sourceforge.net/|SourceForge]] ===== Environment ===== * Debian 7.5 (Wheezy) x86_64 * AIDE 0.15.1 ([[https://packages.debian.org/wheezy/aide|Debian Package]]) ===== Files ===== ^ File Name ^ Description ^ |/usr/bin/aide | AIDE binary. Shouldn't be called directly if AIDE debian package is used. It will result in the following error: //Couldn't open file /var/lib/aide/please-dont-call-aide-without-parameters/aide.db for reading//. | |/usr/bin/aide-attributes | Translate hex messages from aide check to human readable information. | |/usr/bin/aide.wrapper | A shell script which should be called instead of /usr/bin/aide. It guarantees that just one instance of aide is running at the same time. It will also take care of debian aide config structure (aide.conf.d). | |/usr/sbin/aideinit | Shell script to initialize an aide database to ///var/lib/aide/aide.db.new//. | |/usr/sbin/update-aide.conf | Bash script to generate ///var/lib/aide/aide.conf//.autogenerated from the config file /etc/aide/aide.conf and all files in the sub directory ///etc/aide/aide.conf.d///. It is invoked by aide.wrapper. | |/etc/default/aide | Settings to control aide executions. Can be used to set mail address, subject and other things. | |/etc/cron.daily/aide | Shell script for cron. It invokes update-aide.conf. An aide check is executed. The detected differences are mailed to root or to the $MAILTO address. |