Pages

Showing posts with label Fedoar. Show all posts
Showing posts with label Fedoar. Show all posts

Saturday, October 26, 2024

Fedora 42 : ... testing Advanced Intrusion Detection Environment (AIDE).

Advanced Intrusion Detection Environment (AIDE) is a utility that creates a database of files on the system, and then uses that database to ensure file integrity and detect system intrusions.. See more on the official fedora documentation webpage.
NOTE : The documentation and translations on the official page are in progress due to ongoing development and resource management ...
I used the DNF tool to install:
[mythcat@fedora ~]$ sudo dnf install aide
... aide      x86_64      0.18.6-5.fc41        rawhide      
Make sure the AIDE database file exists and is accessible:
[mythcat@fedora ~]$ sudo ls -l /var/lib/aide/aide.db.gz
Ensure that the user running AIDE has the necessary permissions:
[mythcat@fedora ~]$ sudo ls -l /var/lib/aide/
Check the AIDE configuration file:
[mythcat@fedora ~]$ sudo cat /etc/aide.conf | grep DBDIR
Check if the AIDE service file exists:
[mythcat@fedora ~]$ sudo ls /usr/lib/systemd/system/ | grep aide
If the service exists then check the status:
[mythcat@fedora ~]$ sudo systemctl status aide
Unit aide.service could not be found.
If the service not exist then take some time to run first time ...
[mythcat@fedora ~]$ sudo /sbin/aide --init
...
End timestamp: 2024-10-26 14:10:00 +0300 (run time: 98m 41s)
You can check each time you want ...
[mythcat@fedora ~]$ sudo /sbin/aide --check
If you want and your Fedora linux need to use this tool, then you can use it like service:
sudo nano /usr/lib/systemd/system/aide.service
Fill with the basic service source code like any unit service :
[Unit]
   Description=Advanced Intrusion Detection Environment
   After=network.target

   [Service]
   Type=simple
   ExecStart=/sbin/aide --init
   ExecStop=/sbin/aide --check
   Restart=on-failure

   [Install]
   WantedBy=multi-user.target
This is a simple tutorial about how to start with AIDE tool ...