How to Check Integrity With AIDE on Fedora


AIDE (Advanced Intrusion Detection Environment) is a program for checking the integrity of files and directories on any modern Unix-like system. It creates a database of the files on the system, then uses that database as a yardstick to verify file integrity and detect system intrusions.

In this article, we will show how to install AIDE and use it to check files and directories on the Fedora distribution.

How to Install AIDE on Fedora

1. The AIDE utility is included in Fedora Linux by default, so you can install it with the default dnf package manager as shown.

$ sudo dnf install aide

2. After the installation completes, you need to create the initial AIDE database, which is a snapshot of the system in its normal state. This database serves as the baseline against which all subsequent updates and changes are measured.

Note that it is important to create the database on a new system before it is brought onto a network. Secondly, the default AIDE configuration checks a set of directories and files defined in the /etc/aide.conf file. You need to edit this file to configure the files and directories that AIDE will check.

Run the following command to generate the initial database:

$ sudo aide --init

3. To start using the database, remove the .new substring from the initial database file name.

$ sudo mv /var/lib/aide/aide.db.new.gz /var/lib/aide/aide.db.gz

4. To further protect the AIDE database, you can change its default location by editing the configuration file and pointing the DBDIR value at the new database location.

@@define DBDIR  /path/to/secret/db/location

For additional security, store the database configuration file and the /usr/sbin/aide binary in a secure location such as read-only media. Importantly, you can increase security by signing the configuration and/or the database.

Performing Integrity Checks on Fedora

5. To manually check a Fedora system, run the following command.

$ sudo aide --check

The output of the above command shows the differences between the database and the current state of the filesystem. It shows a summary of the entries as well as detailed information about the changed entries.

6. For effective use, you should configure AIDE to run as a cron job that performs scheduled checks, either weekly (at minimum) or daily (at maximum).

For example, to schedule a check at midnight every day, add the following cron entry to the /etc/crontab file.

00  00  *  *  *  root  /usr/sbin/aide --check
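
The cron entry above runs the check but leaves its result unread unless someone looks. The following wrapper is an added example, not part of the original article: it turns the `aide --check` exit status into a syslog verdict and separates "files changed" from "AIDE itself failed". The script name aide-check.sh and the syslog tag are assumptions; the exit-status meanings are those documented in aide(1).

```shell
#!/bin/sh
# Added example (not from the article): wrapper for the nightly `aide --check` cron job.
# Assumptions: script name aide-check.sh and syslog tag aide-check are hypothetical.
AIDE_BIN=${AIDE_BIN:-/usr/sbin/aide}   # same path as the article's cron entry

# Map an `aide --check` exit status to a verdict, per the DIAGNOSTICS section of aide(1):
# 0 = no differences; 1-7 = bitmask of 1 (added), 2 (removed), 4 (changed);
# anything else means AIDE itself failed (bad config line, I/O error, ...).
aide_verdict() {
    code=$1
    if [ "$code" -eq 0 ]; then
        echo "OK: no differences"
    elif [ "$code" -ge 1 ] && [ "$code" -le 7 ]; then
        parts=""
        if [ $((code & 1)) -ne 0 ]; then parts="$parts added"; fi
        if [ $((code & 2)) -ne 0 ]; then parts="$parts removed"; fi
        if [ $((code & 4)) -ne 0 ]; then parts="$parts changed"; fi
        echo "ALERT:$parts"
    else
        echo "ERROR: aide failed with status $code"
    fi
}

# Run the check, log the verdict to syslog, print the report only when something is off
# (cron mails any job output to MAILTO), and pass AIDE's status through.
run_check() {
    report=$(mktemp) || return 1
    status=0
    "$AIDE_BIN" --check >"$report" 2>&1 || status=$?
    logger -t aide-check -p authpriv.notice "$(aide_verdict "$status")"
    if [ "$status" -ne 0 ]; then cat "$report"; fi
    rm -f "$report"
    return "$status"
}

if [ "${1:-}" = "run" ]; then
    run_check                      # real check: aide-check.sh run
else
    # Demo on constructed exit statuses; needs no AIDE installation.
    for s in 0 4 5 17; do
        printf '%s -> %s\n' "$s" "$(aide_verdict "$s")"
    done
fi
```

To use it from /etc/crontab, replace the command in the entry above with the path where you saved the script, followed by the argument run.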

Updating the AIDE Database

7. After you have confirmed the changes to your system, such as package updates or configuration file adjustments, update your AIDE database with the following command.

$ sudo aide --update

The aide --update command creates a new database file, /var/lib/aide/aide.db.new.gz. To start using it for future checks, you need to rename it as shown earlier (remove the .new substring from the file name).

For more information on AIDE, you can check its man page.

$ man aide

For other Linux distributions, you can check out: How to Check Integrity of File and Directory Using AIDE in Linux.

AIDE is a powerful utility for checking the integrity of files and directories on Unix-like operating systems such as Linux. In this article, we showed how to install and use AIDE on Fedora Linux. If you have any questions or comments about AIDE, use the feedback form to reach us.