Tripwire and AIDE are not firewalls but file integrity checkers. By
creating a cryptographic checksum on every file on a system, then regularly
comparing checksums, they quickly point to compromised files. The trick is to
keep track of files that ought to change regularly , like syslog files, and
those that ought not to, like system binaries. As well, one has to keep the
checksums in synch with patched files, upgrades etc. Tripwire is available for
both Unix and WinNT/2K and is now sold commercially. AIDE is open source but
Unix/Linux based.
AIDE has a page on freshmeat at http://freshmeat.net/projects/aide/
-----Original Message-----Hey all~
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of [EMAIL PROTECTED]
Sent: Friday, May 04, 2001 11:47
To: [EMAIL PROTECTED]
Subject: AIDE
doing research on an AIDE. It's an upgrade to tripwire Could really use a
good site or bench marking information. Anyone know anything about this
firewall??
Thanks!!
Amy Cole
