Presentation is loading. Please wait.

Presentation is loading. Please wait.

Advanced Intrusion Detection Environment AIDE

Published byWinfred Stewart Modified over 8 years ago

Similar presentations

Presentation on theme: "Advanced Intrusion Detection Environment AIDE"— Presentation transcript:

1 Advanced Intrusion Detection Environment AIDE http://www.cs.tut.fi/~rammer/aide.html

2 AIDE  Uses regular expression rules to check file integrity  Replaces Tripwire  Constructs a database of directories specified in configuration file  Database consists of file attributes  Creates a cryptographic checksum of each file

3 Simple Sample AIDE Configuration File /oracle p

4 Creating a New Database root@neptune:/usr/local/etc: # aide –i AIDE, version 0.10 ### AIDE database initialized. root@neptune:/usr/local/etc: # ls aide.conf aide.db.new root@neptune:/usr/local/etc: # mv aide.db.new aide.db root@neptune:/usr/local/etc: # aide –check AIDE, version 0.10 ### All files match AIDE database. Looks okay!

5 Altering the File System and Checking Again root@neptune:/oracle: # ls -l … -r--r--r-- 1 root other 143111 Jun 2 10:26 saudimap.gif … root@neptune:/oracle: # chmod 777 saudimap.gif root@neptune:/oracle: # aide –check AIDE found differences between database and filesystem!! Start timestamp: 2005-06-22 14:00:50 Summary: Total number of files=18,added files=0,removed files=0,changed files=1 Changed files: changed:/oracle/saudimap.gif Detailed information about changes: File: /oracle/saudimap.gif Permissions: -r--r--r--, -rwxrwxrwx

Download ppt "Advanced Intrusion Detection Environment AIDE"

Similar presentations

System integrity The term system integrity has the following meanings: That condition of a system where in its specified operational and technical parameters.

System integrity The term system integrity has the following meanings: That condition of a system where in its specified operational and technical parameters.
Linux File & Folder permissions. File Permissions In Ubuntu, files and folders can be set up so that only specific users can view, modify, or run them.

Linux File & Folder permissions. File Permissions In Ubuntu, files and folders can be set up so that only specific users can view, modify, or run them.
Using Nagios for Intrusion detection Miguel Cárdenas Montes Elio Pérez Calle Francisco Javier Rodríguez Calonge.

Using Nagios for Intrusion detection Miguel Cárdenas Montes Elio Pérez Calle Francisco Javier Rodríguez Calonge.
Chapter 5 Understanding Entity Relationship Diagrams.

Chapter 5 Understanding Entity Relationship Diagrams.
DESIGNING A PUBLIC KEY INFRASTRUCTURE

DESIGNING A PUBLIC KEY INFRASTRUCTURE
File Security. Viewing Permissions ls –l Permission Values.

File Security. Viewing Permissions ls –l Permission Values.
Linux+ Guide to Linux Certification, Second Edition

Linux+ Guide to Linux Certification, Second Edition
2004, Jei Tripwire An Intrusion Detection Tool Information Networking Security and Assurance Lab National Chung Cheng University.

2004, Jei Tripwire An Intrusion Detection Tool Information Networking Security and Assurance Lab National Chung Cheng University.
Information Networking Security and Assurance Lab National Chung Cheng University 1 Host-Based Intrusion Detection software TRIPWIRE & MD5.

Information Networking Security and Assurance Lab National Chung Cheng University 1 Host-Based Intrusion Detection software TRIPWIRE & MD5.
Configuration Management and RCS CPS470 Fall 1999.

Configuration Management and RCS CPS470 Fall 1999.
Linux File Security. What is Permission ? Specifies what right are granting to users to access the resources available in the computer. So that important.

Linux File Security. What is Permission ? Specifies what right are granting to users to access the resources available in the computer. So that important.
T RIP W IRE Karthik Mohanasundaram Wright State University.

T RIP W IRE Karthik Mohanasundaram Wright State University.
1 Host – Based Intrusion Detection “Working of Tripwire”

1 Host – Based Intrusion Detection “Working of Tripwire”
Linux Networking and Security Chapter 10 File Security.

Linux Networking and Security Chapter 10 File Security.
Embedded Programming and Robotics Lesson 13 Basic Linux 1.

Embedded Programming and Robotics Lesson 13 Basic Linux 1.
IS 426: Information Systems Construction in Modern Society Downloading and exploring oracle development environments.

IS 426: Information Systems Construction in Modern Society Downloading and exploring oracle development environments.
© 2013 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Security Strategies in Linux Platforms and.

© 2013 Jones and Bartlett Learning, LLC, an Ascend Learning Company All rights reserved. Security Strategies in Linux Platforms and.
Learning basic Unix command IT 325 operating system.

Learning basic Unix command IT 325 operating system.
Tripwire Enterprise Server Rule Sets Vincent Fox, Doreen Meyer, and Paul Singh UC Davis, Information and Educational Technology July 25, 2006.

Tripwire Enterprise Server Rule Sets Vincent Fox, Doreen Meyer, and Paul Singh UC Davis, Information and Educational Technology July 25, 2006.
Filesystem Hierarchy Standard (FHS) –Standard of outlining the location of set files and directories on a Linux system –Gives Linux software developers.

Filesystem Hierarchy Standard (FHS) –Standard of outlining the location of set files and directories on a Linux system –Gives Linux software developers.

Similar presentations

Ads by Google