Posted by: jasonk2600 | November 12, 2009

File System Integrity Monitoring with AIDE


Install AIDE from the FreeBSD ports collection.

# cd /usr/ports/security/aide
# make install clean
# rehash



Create the initial AIDE file system checksum database.  NOTE: The default configuration should work for most setups, but you may modify the configuration by editing /usr/local/etc/aide.conf.

# cd /var/db/aide
# aide –init
# mv databases/ databases/aide.db


AIDE will run as a cronjob that periodically checks for modified files and sends an alert to the root email address. You can change the root email address to a different address by editing /etc/aliases.



To keep the AIDE file integrity database up-to-date, be sure to run the following after updating any applications or configurations:

# aide -u
# cd /var/db/aide/databases
# mv aide.db

You can check the integrity of your files by running AIDE in compare mode with the following:

# aide -C



Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s


%d bloggers like this: