
PHP-Tools Blog:
Analyzing aide (advanced intrusion detection environment) output with PHP
August 28, 2006 @ 07:28:19

AIDE (Advanced Intrusion Detection Environment) is described as "a free replacement for Tripwire. It does the same things as the semi-free Tripwire and more." One of the useful things it does is output logs that help you keep track of what's happening on your system. In this new post on the PHP-Tools blog, they talk about parsing these same logs with a little help from PHP.

"Since we started hosting our sites on our own server we had some nasty cracker-attacks. To at least have a chance of recognizing whether the system had been compromised we started to use aide some time ago. Aide keeps track of changes in the filesystem and provides us with a human-readable report once a day."

They note, though, that sometimes a reported change is valid and not a security issue, so they employed the Util_AideAnalyzer package to help parse the logs into something useful. They give an example of what this looks like, including variations that pull more specific data on certain aspects. They also point you in the right direction to get the Util_AideAnalyzer package installed on your system.





All content copyright, 2014 PHPDeveloper.org :: info@phpdeveloper.org - Powered by the Solar PHP Framework