View Full Version : [SOLVED] How can you tell if AIDE found any vulnerabilities
toolmania1
June 6th, 2011, 08:54 PM
How can you tell ifAIDE found anything? I read the tutorial in this forum, but it does not show me examples that I can compare to see if AIDEhas found anything.
crispy_420
June 7th, 2011, 06:48 AM
It basically looks at files changed. You have to establish a baseline and look for files changed. It will not actively protect you from threats but rather show you after the fact. Symantic has a good read on it here:
http://www.symantec.com/connect/articles/securing-linux-aide
Near the end it explains how to use near the end to find if you have already been compromised.
Another guide here as well: http://www.howtoforge.com/linux-security-notes-aide-file-integrity
Powered by vBulletin® Version 4.2.2 Copyright © 2024 vBulletin Solutions, Inc. All rights reserved.