|
Name |
|
Date |
Size |
#Lines |
LOC |
| .. | | 03-May-2022 | - |
| contrib/ | H | 19-Jan-2022 | - | 621 | 243 |
| doc/ | H | 19-Jan-2022 | - | 823 | 684 |
| include/ | H | 03-May-2022 | - | 2,239 | 1,044 |
| src/ | H | 03-May-2022 | - | 18,480 | 13,502 |
| tests/ | H | 19-Jan-2022 | - | 166 | 78 |
| AUTHORS | H A D | 04-May-2020 | 637 | 19 | 14 |
| COPYING | H A D | 17-Jan-2021 | 17.7 KiB | 340 | 281 |
| ChangeLog | H A D | 19-Jan-2022 | 51.8 KiB | 1,414 | 1,090 |
| INSTALL | H A D | 19-Jan-2022 | 15.4 KiB | 369 | 287 |
| Makefile.am | H A D | 19-Jan-2022 | 3.2 KiB | 101 | 70 |
| Makefile.in | H A D | 19-Jan-2022 | 59.7 KiB | 1,475 | 1,332 |
| NEWS | H A D | 19-Jan-2022 | 10.1 KiB | 270 | 245 |
| README | H A D | 19-Jan-2022 | 5.7 KiB | 169 | 116 |
| Todo | H A D | 19-Jan-2022 | 386 | 15 | 14 |
| aclocal.m4 | H A D | 19-Jan-2022 | 52.3 KiB | 1,456 | 1,316 |
| compile | H A D | 19-Jan-2022 | 7.2 KiB | 349 | 259 |
| config.guess | H A D | 19-Jan-2022 | 43.2 KiB | 1,481 | 1,288 |
| config.h.in | H A D | 19-Jan-2022 | 7.1 KiB | 307 | 209 |
| config.sub | H A D | 19-Jan-2022 | 35.3 KiB | 1,802 | 1,661 |
| configure | H A D | 19-Jan-2022 | 273.9 KiB | 9,930 | 8,129 |
| configure.ac | H A D | 19-Jan-2022 | 19.2 KiB | 701 | 609 |
| depcomp | H A D | 19-Jan-2022 | 23 KiB | 792 | 502 |
| install-sh | H A D | 19-Jan-2022 | 15 KiB | 542 | 352 |
| missing | H A D | 19-Jan-2022 | 6.7 KiB | 216 | 143 |
| version.m4 | H A D | 19-Jan-2022 | 36 | 2 | 1 |
| ylwrap | H A D | 19-Jan-2022 | 6.7 KiB | 248 | 143 |
README
1
2 AIDE - Advanced Intrusion Detection Environment
3 -------------------------------------------------
4 Version 0.17.4
5
6 This file is free software; as a special exception the author gives
7 unlimited permission to copy and/or distribute it, with or without
8 modifications, as long as this notice is preserved.
9
10 This file is distributed in the hope that it will be useful, but
11 WITHOUT ANY WARRANTY, to the extend permitted by law; without even the
12 implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
13
14
15 Introduction
16 ------------
17
18 AIDE is a tool for monitoring file system changes. It can be used
19 to detect unauthorized monitored files and directories. AIDE was
20 written to be a simple and free alternative to Tripwire. Features
21 currently included in AIDE are as follows:
22
23 o File attributes monitored: permissions, inode, user, group
24 file size, mtime, atime, ctime, links and growing size.
25 o Checksums and hashes supported: SHA1, MD5, RMD160, and TIGER.
26 CRC32, HAVAL and GOST if Mhash support is compiled in.
27 o Plain text configuration files and database for simplicity.
28 o Rules, variables and macros that can be customized to local
29 site or system policies.
30 o Powerful regular expression support to selectively include or
31 exclude files and directories to be monitored.
32 o gzip database compression if zlib support is compiled in.
33 o Stand alone static binary for easy client/server monitoring
34 configurations.
35 o Free software licensed under the GNU General Public License.
36
37 The homepage of AIDE is https://aide.github.io
38
39 Current Version
40 ---------------
41
42 AIDE is currently maintained on GitHub.
43
44 Please visit https://github.com/aide/aide/ to get the newest version of
45 the source code.
46
47 Documentation
48 -------------
49
50 The documentation for AIDE can be found in the doc/ directory.
51
52 Installation
53 ------------
54
55 If you are using a git version of the source you need to generate the
56 configuration files first:
57
58 $ sh ./autogen.sh
59
60 For generic installation instructions please see the INSTALL file
61 (generated by autogen.sh).
62
63 In short, just type:
64 $ ./configure
65 $ make
66 $ make install
67
68 See './configure --help' for the available configuration options.
69
70 For AIX 5.3 it has been reported there is a problem with using mhash
71 which causes an "Undefined symbol: .rpl_malloc" error. This is a problem
72 in mhash_config.h which can be fixed by removing the line that reads
73 #define malloc rpl_malloc
74
75 For Mac OS X Darwin/Leopard (10.4/10.5) and Solaris 10/OpenSolaris you need
76 to use --disable-static when configuring AIDE. Please note that dynamic
77 linking introduces a security risk and is not recommended.
78
79 Source Code Verification
80 ------------------------
81
82 We highly recommend checking that the version of AIDE downloaded and
83 installed is an original and unmodified one. You can either verify the
84 source tarball or the git tag.
85
86 To check the supplied signature with GnuPG:
87
88 $ gpg --verify aide-<VERSION_NUMBER>.tar.gz.asc
89
90 This checks that the detached signature file is indeed a signature
91 of aide-<VERSION_NUMBER>.tar.gz.
92
93 To validate the gpg signature of the git tag:
94
95 $ git verify-tag v<VERSION_NUMBER>
96
97 The current public key needed for signature verification is:
98
99 pub 4096R/68E7B931 2011-06-28 [expires: 2021-06-27]
100 uid Hannes von Haugwitz <hannes@vonhaugwitz.com>
101
102 If you do not have this key, you can get it from one of the well known PGP
103 key servers. You have to make sure that the key you install is not a faked
104 one. You can do this with reasonable assurance by comparing the output of:
105
106 $ gpg --fingerprint 0x68E7B931
107
108 with the fingerprint published elsewhere.
109
110 Requirements
111 ------------
112
113 AIDE requires the following development tools:
114
115 o C99 compatible compiler.
116 o GNU flex.
117 o GNU yacc (bison).
118 o GNU make.
119 o pkg-config
120 o PCRE library
121 o Mhash (optional, but highly recommended). Mhash is currently
122 available from http://mhash.sourceforge.net/. A static version of
123 libmhash needs to be build using the --enable-static=yes
124 configure option.
125 Aide requires at least mhash version 0.9.2
126
127 o libcheck (optional, needed for 'make check', license: LGPL-2.1)
128
129 Note:
130 flex version 2.5.31 is broken, you might see the following error
131
132 conf_lex.c: In function `conflex':
133 conf_lex.c:4728: error: `yy_prev_more_offset' undeclared (first use in
134 this function)
135 conf_lex.c:4728: error: (Each undeclared identifier is reported only once
136 conf_lex.c:4728: error: for each function it appears in.)
137
138 Either downgrade to flex 2.5.4 or get an updated version that fixes
139 this bug.
140
141 Large File Support
142 -----------------
143
144 To be able to store the size of files larger than 2GB, AIDE needs large
145 file support (LFS) to be available in the OS. The configure script
146 automatically checks for LFS. To turn off LFS call the configure script
147 with the '-disable-largefile' option.
148
149 Feedback and Support
150 --------------------
151
152 End user support is available on the AIDE mailing list:
153
154 https://www.ipi.fi/mailman/listinfo/aide
155
156 An archive for the mailing list archive is available online:
157
158 http://www.ipi.fi/pipermail/aide/
159
160 Please report bugs and feature requests to the aide issue tracker
161
162 https://github.com/aide/aide/issues
163
164
165 Credits
166 -------
167
168 Please see the AUTHORS file.
169