• Home
  • History
  • Annotate
Name Date Size #Lines LOC

..03-May-2022-

contrib/H19-Jan-2022-621243

doc/H19-Jan-2022-823684

include/H03-May-2022-2,2391,044

src/H03-May-2022-18,48013,502

tests/H19-Jan-2022-16678

AUTHORSH A D04-May-2020637 1914

COPYINGH A D17-Jan-202117.7 KiB340281

ChangeLogH A D19-Jan-202251.8 KiB1,4141,090

INSTALLH A D19-Jan-202215.4 KiB369287

Makefile.amH A D19-Jan-20223.2 KiB10170

Makefile.inH A D19-Jan-202259.7 KiB1,4751,332

NEWSH A D19-Jan-202210.1 KiB270245

READMEH A D19-Jan-20225.7 KiB169116

TodoH A D19-Jan-2022386 1514

aclocal.m4H A D19-Jan-202252.3 KiB1,4561,316

compileH A D19-Jan-20227.2 KiB349259

config.guessH A D19-Jan-202243.2 KiB1,4811,288

config.h.inH A D19-Jan-20227.1 KiB307209

config.subH A D19-Jan-202235.3 KiB1,8021,661

configureH A D19-Jan-2022273.9 KiB9,9308,129

configure.acH A D19-Jan-202219.2 KiB701609

depcompH A D19-Jan-202223 KiB792502

install-shH A D19-Jan-202215 KiB542352

missingH A D19-Jan-20226.7 KiB216143

version.m4H A D19-Jan-202236 21

ylwrapH A D19-Jan-20226.7 KiB248143

README

1
2             AIDE - Advanced Intrusion Detection Environment
3            -------------------------------------------------
4                              Version 0.17.4
5
6    This file is free software; as a special exception the author gives
7    unlimited permission to copy and/or distribute it, with or without
8    modifications, as long as this notice is preserved.
9
10    This file is distributed in the hope that it will be useful, but
11    WITHOUT ANY WARRANTY, to the extend permitted by law; without even the
12    implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
13
14
15    Introduction
16    ------------
17
18    AIDE is a tool for monitoring file system changes. It can be used
19    to detect unauthorized monitored files and directories. AIDE was
20    written to be a simple and free alternative to Tripwire. Features
21    currently included in AIDE are as follows:
22
23        o  File attributes monitored: permissions, inode, user, group
24           file size, mtime, atime, ctime, links and growing size.
25        o  Checksums and hashes supported: SHA1, MD5, RMD160, and TIGER.
26           CRC32, HAVAL and GOST if Mhash support is compiled in.
27        o  Plain text configuration files and database for simplicity.
28        o  Rules, variables and macros that can be customized to local
29           site or system policies.
30        o  Powerful regular expression support to selectively include or
31           exclude files and directories to be monitored.
32        o  gzip database compression if zlib support is compiled in.
33        o  Stand alone static binary for easy client/server monitoring
34           configurations.
35        o  Free software licensed under the GNU General Public License.
36
37    The homepage of AIDE is https://aide.github.io
38
39    Current Version
40    ---------------
41
42    AIDE is currently maintained on GitHub.
43
44    Please visit https://github.com/aide/aide/ to get the newest version of
45    the source code.
46
47    Documentation
48    -------------
49
50    The documentation for AIDE can be found in the doc/ directory.
51
52    Installation
53    ------------
54
55    If you are using a git version of the source you need to generate the
56    configuration files first:
57
58        $ sh ./autogen.sh
59
60    For generic installation instructions please see the INSTALL file
61    (generated by autogen.sh).
62
63    In short, just type:
64        $ ./configure
65        $ make
66        $ make install
67
68    See './configure --help' for the available configuration options.
69
70    For AIX 5.3 it has been reported there is a problem with using mhash
71    which causes an "Undefined symbol: .rpl_malloc" error. This is a problem
72    in mhash_config.h which can be fixed by removing the line that reads
73    #define malloc rpl_malloc
74
75    For Mac OS X Darwin/Leopard (10.4/10.5) and Solaris 10/OpenSolaris you need
76    to use --disable-static when configuring AIDE. Please note that dynamic
77    linking introduces a security risk and is not recommended.
78
79    Source Code Verification
80    ------------------------
81
82    We highly recommend checking that the version of AIDE downloaded and
83    installed is an original and unmodified one. You can either verify the
84    source tarball or the git tag.
85
86    To check the supplied signature with GnuPG:
87
88      $ gpg --verify aide-<VERSION_NUMBER>.tar.gz.asc
89
90    This checks that the detached signature file is indeed a signature
91    of aide-<VERSION_NUMBER>.tar.gz.
92
93    To validate the gpg signature of the git tag:
94
95      $ git verify-tag v<VERSION_NUMBER>
96
97    The current public key needed for signature verification is:
98
99        pub   4096R/68E7B931 2011-06-28 [expires: 2021-06-27]
100        uid                  Hannes von Haugwitz <hannes@vonhaugwitz.com>
101
102    If you do not have this key, you can get it from one of the well known PGP
103    key servers. You have to make sure that the key you install is not a faked
104    one. You can do this with reasonable assurance by comparing the output of:
105
106      $ gpg --fingerprint 0x68E7B931
107
108    with the fingerprint published elsewhere.
109
110    Requirements
111    ------------
112
113    AIDE requires the following development tools:
114
115       o  C99 compatible compiler.
116       o  GNU flex.
117       o  GNU yacc (bison).
118       o  GNU make.
119       o  pkg-config
120       o  PCRE library
121       o  Mhash (optional, but highly recommended). Mhash is currently
122          available from http://mhash.sourceforge.net/. A static version of
123          libmhash needs to be build using the --enable-static=yes
124          configure option.
125          Aide requires at least mhash version 0.9.2
126
127       o  libcheck (optional, needed for 'make check', license: LGPL-2.1)
128
129    Note:
130      flex version 2.5.31 is broken, you might see the following error
131
132       conf_lex.c: In function `conflex':
133       conf_lex.c:4728: error: `yy_prev_more_offset' undeclared (first use in
134       this function)
135       conf_lex.c:4728: error: (Each undeclared identifier is reported only once
136       conf_lex.c:4728: error: for each function it appears in.)
137
138      Either downgrade to flex 2.5.4 or get an updated version that fixes
139      this bug.
140
141    Large File Support
142    -----------------
143
144    To be able to store the size of files larger than 2GB, AIDE needs large
145    file support (LFS) to be available in the OS. The configure script
146    automatically checks for LFS. To turn off LFS call the configure script
147    with the '-disable-largefile' option.
148
149    Feedback and Support
150    --------------------
151
152    End user support is available on the AIDE mailing list:
153
154        https://www.ipi.fi/mailman/listinfo/aide
155
156    An archive for the mailing list archive is available online:
157
158        http://www.ipi.fi/pipermail/aide/
159
160    Please report bugs and feature requests to the aide issue tracker
161
162        https://github.com/aide/aide/issues
163
164
165    Credits
166    -------
167
168    Please see the AUTHORS file.
169