AIDE and Tripwire are both File Integrity Agents (FIAs). An FIA monitors the integrity and state of the files and
objects on your host. If it detects changes to those files, then alerts the administrator that an unauthorized access or change has taken place. FIAs usually take a hash of all files to be monitored using an algorithm like MD5. The snapshot is periodically checked against the current hash of the file and any variations alerted on.
One of the key differences between Tripwire and AIDE is their commercial status. Tripwire was originally a free, open source product and is now a commercial product. However, a free version of Tripwire (branched from the Tripwire code in 2000) is still being developed at http://sourceforge.net/projects/tripwire/. In comparison, AIDE is entirely open source and licensed via the GPL.
Whilst essentially very similar in functionality, in my opinion there does seem to be more regular development on AIDE with more features and updates being released. The open source Tripwire version was last updated in 2005.
Dig deeper on Linux security risks and threats
Related Q&A from James Turnbull
A user wants to implement OSSEC on a Windows server because he has no server side Linux operating system.continue reading
Solaris 10 Trusted Extensions and SELinux are best suited to different system requirements and administrator skill sets. Our security expert explains...continue reading
Configuring spam filters Spamassassin and dspam together in the email server Postfix is easy with the resources listed by our security expert.continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.