Information
AIDE takes a snapshot of filesystem state including modification times, permissions, and
file hashes which can then be used to compare against the current state of the filesystem to
detect modifications to the system.
Rationale:
By monitoring the filesystem state compromised files can be detected to prevent or limit
the exposure of accidental or malicious misconfigurations or modified binaries.
Solution
Install AIDE using the appropriate package manager or manual installation:
# yum install aide
# dnf install aide
# apt-get install aide
# zypper install aide
# emerge aide
Configure AIDE as appropriate for your environment. Consult the AIDE documentation for
options.
Initialize AIDE:
# aide --init