InformationAIDE takes a snapshot of filesystem state including modification times, permissions, and file hashes which can then be used to compare against the current state of the filesystem to detect modifications to the system.
By monitoring the filesystem state compromised files can be detected to prevent or limit the exposure of accidental or malicious misconfigurations or modified binaries.
SolutionRun the following command to install aide :
# zypper install aide
Configure AIDE as appropriate for your environment. Consult the AIDE documentation for options.
# aide --init
# mv /var/lib/aide/aide.db.new /var/lib/aide/aide.db
The name of the aide.db.new database may be different on your system.