How to install aide centos

-
In this tutorial, How to install aide Centos.

What does Aide mean


AIDE is one of the most popular tools for monitoring the server changes in a LINUX based system.  It call as Advanced Intrusion Detection Environment.

Install AIDE on Centos


$ sudo yum install aide

Check AIDE Version on your system

$ sudo aide -v

Configure AIDE


$ sudo cp /etc/aide.conf /etc/aide.conf_BK

Add lines not check /tmp and /proc in aide.conf file

!/tmp
!/proc

Create the database


$ sudo aide --init
$ sudo mv /var/lib/aide/aide.db.new.gz /var/lib/aide/aide.db.gz
$ sudo cd /var/lib/aide

Run the AIDE check


$ sudo aide --check

Set cronjob to run AIDE check


$ sudo vi /etc/cron.daily/aide

// The content as below:

#!/bin/bash

MAILTO=root
LOGFILE=/var/log/aide/aide.log
AIDEDIR=/var/lib/aide

/usr/sbin/aide  -u > $LOGFILE
cp $AIDEDIR/aide.db.new.gz $AIDEDIR/aide.db.gz

x=$(grep "Looks okay" $LOGFILE | wc -l)

if [ $x -eq 1 ]
then
    echo "All Systems Look OK" | /bin/mail -s "AIDE OK" $MAILTO
else
    echo "$(egrep "added|changed|removed" $LOGFILE)" | /bin/mail -s "AIDE DETECTED CHANGES" $MAILTO
fi
exit

Change mode aide file


$ sudo chmod 755 /etc/cron.daily/aide

For example, Check log change


$ sudo egrep "added|changed|removed" /var/log/aide/aide.log
You have installed on your system. Have a good nice!

Comments

Post a Comment

Popular posts from this blog

zimbra some services are not running [Solve problem]

-
How to solved zimbra some services are not running. That after, to installed zimbra mail server. The display a some admin console status red in environment multiple server ( zimbra ldap, zimbra mailbox, zimbra mta etc.). Link to below you maybe likes: How to install and configure zimbra multi server.   How to restrict to user sending mail on zimbra 8.6. How to Restrict Sending to Distribution list in zimbra mail. How to change last login time for all accounts in zimbra ldap. How to zimbra reject authenticated sender login mismatch. Error zimbra some services are not running as bellow Step by step guide the solve problem zimbra some services are not running the following: To restart and enable cron service the permanently. service crond restart chkconfig crond on Opening rsyslog.conf file and uncomment the following. vim /etc/rsyslog.conf Uncomment these two lines $modload imupd $UDPServerRun514   To restart and enable rsyslog service the permanently. servic
Read more

Bash script list all IP addresses connected to Server

-
Running to bash script list all IP addresses connected to Server ./studyscript.sh  >/dev/null 2>&1 The bash script list all IP addresses connected to Server #!/bin/bash rm -f /tmp/list_IP rm -f /tmp/list_IPP rm -f /tmp/list_IPdone netstat -ntu | grep ESTA | awk -F: '{ print $2 }' | sed -r 's/^.{12}//' |sed 's/:/\n/g' | sed '/^\s*$/d'| sort > /tmp/list_IP #sleep 10 while read -r p do  curl ipinfo.io/$p done < /tmp/list_IP >/tmp/list_IPP cat /tmp/list_IPP | egrep "ip|country" |sed '$!N;s/\n/ /' |sed -r 's/^.{9}//' |sed 's/"country": "//' |sed 's/",//g' >> /tmp/list_IPdone echo "-----IP------  --country--" >> /tmp/list_IPdone Note the bash script list all IP addresses connected to Server sed 's/:/\n/g' Delete duplicate lines sed '/^\s*$/d' Delete empty lines sed '$!N;s/\n/ /' How to merge every two lines in
Read more

How to install php7 on centos 6

-
How to install php7 on centos 6, I'm use remi repo to install remi-php70. I'm running commands as root account. To install php7  yum install wget yum-utils wget http://rpms.famillecollet.com/enterprise/remi-release-6.rpm rpm -Uvh remi-release-6.rpm yum-config-manager --enable remi-php70 yum install php --enablerepo=remi-php70 To check for available repositories yum repolist For example: To install php7 for nginx ( Due to, nginx use php-fpm and php-mysql) yum install php-fpm php-mysql --enablerepo=remi-php70 Thanks for reading! How to install php7 on centos 6
Read more