Installing and Configuring AIDE

30 minutes
  • 4 Learning Objectives

About this Hands-on Lab

In this lab, we will install the Advanced Intrusion Detection Environment (AIDE) and configure it to monitor directories and applications for changes. We will also set up a cron job to run a daily check using AIDE.

Learning Objectives

Successfully complete this lab by achieving the following learning objectives:

Install and configure AIDE
  1. Install AIDE:

    yum install -y aide
  2. Initialize AIDE:

    /usr/sbin/aide --init
  3. Copy initialized database to production:

    cp /var/lib/aide/aide.db.new.gz /var/lib/aide/aide.db.gz
Configure AIDE to run every day at 1 AM
  1. Create a cronjob to run aide --check at 1 AM daily:

    nano /etc/crontab
    0 1 * * * root /usr/sbin/aide --check
Define directories and applications to monitor
  1. Define directories to monitor:

    nano /etc/aide.conf
    /patient-data    DIR
    /accounting     DIR
  2. Add an application to monitor each time it’s accessed:

    nano /etc/aide.conf
    APP_ACCESS = a
    /applications/payroll   APP_ACCESS
Update the AIDE database with new directory and application statuses
  1. Update the AIDE database (because we made changes to the /etc/aide.conf file):

    /usr/sbin/aide --update
    cp /var/lib/aide/aide.db.new.gz /var/lib/aide/aide.db.gz
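
A bare aide --check in cron reports changes only through its output and exit status. The wrapper below is an added example, not part of the original lab: it decodes that status as documented in the aide(1) man page and logs a one-line summary. The script path, the aide-check syslog tag and the --run switch are assumptions.

```shell
#!/bin/sh
# Added example (not part of the lab): wrapper for the daily AIDE check.
# Status meanings follow aide(1): for --check the exit status is a bit mask
# (1 = files added, 2 = removed, 4 = changed); 14-19 are error conditions.

AIDE_BIN="${AIDE_BIN:-/usr/sbin/aide}"   # binary path used in the lab steps

# Print a one-line summary for an AIDE exit status.
decode_aide_status() {
    rc=$1
    if [ "$rc" -eq 0 ]; then
        echo "OK: no differences"
    elif [ "$rc" -le 7 ]; then
        findings=""
        if [ $((rc & 1)) -ne 0 ]; then findings="$findings added"; fi
        if [ $((rc & 2)) -ne 0 ]; then findings="$findings removed"; fi
        if [ $((rc & 4)) -ne 0 ]; then findings="$findings changed"; fi
        echo "ALERT: files$findings"
    else
        case "$rc" in
            14) echo "ERROR: error writing" ;;
            15) echo "ERROR: invalid argument" ;;
            16) echo "ERROR: unimplemented function" ;;
            17) echo "ERROR: invalid configuration line" ;;
            18) echo "ERROR: I/O error" ;;
            19) echo "ERROR: version mismatch" ;;
            *)  echo "ERROR: aide failed with status $rc" ;;
        esac
    fi
}

# Run the check, send the summary to syslog, and keep AIDE's exit status.
run_check() {
    check_rc=0
    "$AIDE_BIN" --check || check_rc=$?
    logger -t aide-check "$(decode_aide_status "$check_rc")"
    return "$check_rc"
}

# Only run AIDE when asked to, so the file can be sourced for its functions.
# Hypothetical /etc/crontab entry (the script path is an assumption):
#   0 1 * * * root /usr/local/sbin/aide-check.sh --run
if [ "${1:-}" = "--run" ]; then
    run_check
    exit $?
fi
```

A status of 17 after editing /etc/aide.conf points at a malformed rule line rather than a file change, so it is worth alerting on separately from the 1-7 range.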

Additional Resources

In an effort to increase security readiness in your environment, you've been tasked with setting up AIDE on a Red Hat server. You will need to install and configure AIDE and ensure the files and applications listed below are included in the daily integrity checks. You'll need to configure AIDE to run once daily at 1 AM.

  1. Files (use the DIR grouping):

    • /patient-data
    • /accounting
  2. Applications (check for last time accessed):

    • /applications/payroll
