Aide

Aide development has been moved to Sourceforge.
Please check there for any new updates. The users mailinglist is still maintained here.

Mailinglist

There is a mailinglist for aide. You can subscribe by sending an e-mail to aide-request@cs.tut.fi with subscribe as the BODY of the message. This link may help.
Or you can subscribe via this page.
Absolutely NO SPAM is allowed.
Only the people on the list can send messages to it.
Archive of messages can be found at https://mailman.cs.tut.fi/pipermail/aide/ or http://www.mail-archive.com/aide%40cs.tut.fi/

What is AIDE?

AIDE (Advanced Intrusion Detection Environment) is a free replacement for Tripwire. It does the same things as the semi-free Tripwire and more.

There are other free replacements available so why build a new one? All the other replacements do not achieve the level of Tripwire. And I wanted a program that would exceed the limitations of Tripwire.

What does it do?

It creates a database from the regular expression rules that it finds from the config file. Once this database is initialized it can be used to verify the integrity of the files. It has several message digest algorithms (md5,sha1,rmd160,tiger,haval,etc.) that are used to check the integrity of the file. More algorithms can be added with relative ease. All of the usual file attributes can also be checked for inconsistencies. It can read databases from older or newer versions. See the manual pages within the distribution for further info. There is also a beginning of a manual.

Download

Mirrors

Currently there are no mirrors. The version at ftp.linux.hr is hacked. So for the moment please get the source from official site below.

The latest version is 0.13.1.

It can be found at sourceforge.net

Previous releases

You can find releases <=0.9 at ftp://ftp.cs.tut.fi/pub/src/gnu/.

Note that they are buggy and do not contain all the features.

GPL

Aide is licensed using GPL. Please read it.

What platform does AIDE run on?

Basically AIDE runs on any moderns Unix. Below is a list of platforms people are actually running AIDE on (That I know of). Please let me know if you are running aide on something else.

Solaris 2.5.1,2.6,7,8,9,10
Linux 2.x
FreeBSD 2.2.8,3.4
Unixware 7.0.1
BSDi 4.1
OpenBSD 2.6,3.0
AIX 4.2
TRU64 4.0x
HP-UX 11i
Cygwin

I found a bug. What do I do?

First, make sure the bug stil exists in the current version from CVS (see below). If it does, report the bug via the SourceForge Bug system. We can only respond to your report if you log in before reporting.

I want to contribute a larger set of patches.

You should e-mail the developers for the best way to contribute.

I would like to help but don't know how.

You can send me Jolt, Computer Security related books and anything you think that would encourage me to donate more time to this project.

CVS-server

We have a CVS-server that is hosted by sourceforge.net. Look there for more information.
For a more comprehensive overview we suggest reading this document.
If you cannot use CVS but want to try the latest features and fixes you can download a daily CVS snapshot.

Future plans

Other database retrieval methods (http,ftp,sql?)
Encrypted and signed database
Threads

Who's behind aide?

Rami Lehti(me), rammer at cs.tut.fi
Pablo Virolainen, pablo at cs.tut.fi
Richard van den Berg, richard at vdberg.org

Disclaimer

All trademarks are the property of their respective owners.
No animals were harmed while making this webpage or this piece of software.
Although some pizza delivery guy's feelings were hurt. :)