Ubuntu Intrusion Detection System With AIDE




AIDE (Advanced Intrusion Detection Environment) is one of the most popular tools for monitoring changes on a Unix or Linux system. Here I will install it and then set it up on a couple of servers to secure the system.

Next, I'll do an update and install AIDE:
sudo apt-get update -y

After you have updated your system, install AIDE by running the following command in your terminal:
sudo apt-get install aide

AIDE is now installed on your Linux machine; let's move on.



Configure and Test AIDE
Next we will configure AIDE. Create the initial database with the command below in your Linux terminal:
sudo aideinit

This takes quite a long time. Once it finishes you have the initial database; verify that the new AIDE database has been created:
cd /var/lib/aide
ls -lt

Pay close attention to the listing on your screen.

Move the new file into place as the active database by using the following command:
sudo mv /var/lib/aide/aide.db.new /var/lib/aide/aide.db

Now let's test AIDE as follows:
sudo aide.wrapper --check

You will see the results of the check against the AIDE database file we just put in place.

Crontab Aide
We don't want to do this manually every day, so we'll automate it with a crontab entry. Start by creating the script in your Linux terminal:
vi aide.sh

Now make the script executable:
chmod +x aide.sh

Open the crontab by entering the following command in your terminal:
crontab -e

Add the following crontab entry to it (it runs the script at 01:06 every day):
06 01 * * 0-6 /root/aide.sh

That's it: the setup is finished and ready to use.
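
The post does not show what goes into aide.sh. One possible version, added here as an example and not the author's script: it runs the same aide.wrapper --check used above, keeps a dated report, and decodes AIDE's exit status as documented in aide(1). The log directory /var/log/aide and the AIDE_CMD and LOG_DIR overrides are assumptions of this example.

```sh
#!/bin/sh
# aide.sh: nightly AIDE check for root's crontab (added example).
# Assumed for this example, not taken from the post: the LOG_DIR path
# and the AIDE_CMD / LOG_DIR environment overrides.
AIDE_CMD="${AIDE_CMD:-aide.wrapper}"
LOG_DIR="${LOG_DIR:-/var/log/aide}"

# Decode the exit status of "aide --check" as documented in aide(1):
# a bitmask of 1 = new files, 2 = removed files, 4 = changed files;
# values above 7 are errors (14-19 from AIDE, 127 = command not found).
describe_status() {
    code=$1
    if [ "$code" -eq 0 ]; then echo "clean"; return 0; fi
    if [ "$code" -gt 7 ]; then echo "error"; return 0; fi
    out=""
    if [ $((code & 1)) -ne 0 ]; then out="$out added"; fi
    if [ $((code & 2)) -ne 0 ]; then out="$out removed"; fi
    if [ $((code & 4)) -ne 0 ]; then out="$out changed"; fi
    echo "${out# }"
}

# Run one check: full report to a dated file, one summary line per run.
run_check() {
    mkdir -p "$LOG_DIR"
    report="$LOG_DIR/check-$(date +%Y-%m-%d).log"
    rc=0
    "$AIDE_CMD" --check >"$report" 2>&1 || rc=$?
    result=$(describe_status "$rc")
    echo "$(date '+%Y-%m-%d %H:%M:%S') rc=$rc result=$result" >>"$LOG_DIR/summary.log"
    # cron mails whatever a job prints, so stay silent on a clean run
    # and print one line when files differ or the check itself failed.
    if [ "$result" != "clean" ]; then
        echo "AIDE check: $result (rc=$rc), report in $report"
    fi
    return "$rc"
}

# Run only where AIDE is installed; a completed check returns AIDE's status.
if command -v "$AIDE_CMD" >/dev/null 2>&1; then
    run_check
else
    echo "aide.sh: $AIDE_CMD not found" >&2
fi
```

A result of "error" means the check itself did not complete (for example a bad configuration line), which deserves the same attention as a reported file change.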


