The other letters in the string are the actual letters that will be output if the associated attribute for the item has been changed or a ". Which you prefer is largely a matter of personal mathematical preference.
Lines beginning with are ignored as comments. If there are multiple database lines then the first is used.
This value can be inclusive. The default is 5. The lines between ifdef and endif are used if variable VAR is defined.
AIDE is a host-based IDS, which basically means that it scans the filesystem and logs the attributes of important files, directories, and devices. This option has no effect in compare mode.
This option may be set to no by default in a future release. If there is an else statement then the part between ifdef and else is used is VAR is de- fined otherwise the part between else and endif is used. When you put 'c' and 'I' in the same rule the, a changed ctime is silently ignored. Valid val- ues are yes,true,no and false.
The data is also copied to stdout, so you can watch the process from a terminal window. Lines beginning with are ignored as comments. If verbosity is 20 then additional report output is written when doing --check, --update or --compare. The default is not to warn about dead symlinks. The default is stdout. The default is to not report added files or their details in init mode.
Setup and First-Run AIDE works its magic by reading in a configuration file that contains both a list of directories and files to scan, and the attributes of each entry to log. Of particular interest is the text file type of output for AIDE. You have to get to know your system. The default is not to warn about dead symlinks. The default is to follow symlinks. This is for informational purposes only.
Third, macro lines define or undefine variables within the config file. There are currently thirteen attributes that AIDE can log — including permissions, owner, group, size, all three timestamps atime, ctime, and mtime , plus lower-level stuff like inode, block count, number of links, and so on. Weekend Project: Intrusion Detection on Linux with AIDE December 3, Front-line measures like firewalling, strong authentication, and staying on top of security updates are mandatory steps to keeping your system secure. If variable VAR is not defined an empty string is used.