Adavanced Intrusion Detection Enviroment
Hi, is it a good idea to run AIDE on a personal RHEL system, and it there any difference between AIDE, and tripwire? Thanks! :)
Responses
Hi GD,
Well, this is very much something about a personal decision - I do not recommend to install too many additional 3rd party tools. :)
When it comes to security, I recommend to use tools which are available from the official Red Hat repositories. One good security tool is scap-workbench, with this tool you can check the system for security enhancements and apply different profiles.
Although I only perform the checking and then decide which of the given suggestions are appropriate for me. The balance between convenience and security is what matters. If you apply a complete profile, the system might become "a pain to use". You can install scap-workbench with sudo yum install scap-workbench. More information you can find on the OpenSCAP website.
You may ask why it's recommended to install software packages from official Red Hat repositories preferable to 3rd party ones ?
Well, software being provided by Red Hat is tested and you can rely on the fact that nothing malicious will land on your system.
An external source which you can trust in is the Fedora EPEL repository, right because it belongs to the Red Hat "eco system".
One reason why Microsoft (for example) has to fix so many security issues is related to the circumstance that users install stuff
from external sources without knowing what exactly gets installed. Best (new) example is the well-known CCleaner tool - since
the latest version it started to collect data information and sends them "back home" - there is actually no chance to disable it.
Regards,
Christian
depending on the scap profile you select to follow this will still include installing and runninge AIDE. STIG enforces this for example. But in general, following a strict scap profile will harden your system and is usually a good idea. If you decide you want to only follow parts of a profile you can customize it.
Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.
