Blaginations

I had a link to a linux.com weekend project lying around for quite a while. I finally decided to play some with aide (advanced intrusion detection environment). I set up a config file as suggested in the article, but then got stuck on an error that was not immediately very descriptive to me. After some searching I found the thread Aide will not work on the ubuntu forums. It didn’t give me the immediate solution, but did make me think in the right direction. I had forgotten to add database file specifications to the configuration file (see my post in the tread mentioned above). Now aide is doing its first run, and I can work on figuring out what the “best” configuration is for me over the coming days (I should at least get a good view of which parts of my system change regularly and which do not).

UPDATE: when running aide my system became rather slow, so I would recommend running it with nice: sudo nice -n 20 aide –init –config=aide.kasterma.conf