Ask the Expert

Advanced Intrusion Detection Environment vs. Tripwire

What is the difference between Advanced Intrusion Detection Environment and Tripwire?

Requires Free Membership to View

AIDE and Tripwire are both File Integrity Agents (FIAs). An FIA monitors the integrity and state of the files and objects on your host. If it detects changes to those files, then alerts the administrator that an unauthorized access or change has taken place. FIAs usually take a hash of all files to be monitored using an algorithm like MD5. The snapshot is periodically checked against the current hash of the file and any variations alerted on.

One of the key differences between Tripwire and AIDE is their commercial status. Tripwire was originally a free, open source product and is now a commercial product. However, a free version of Tripwire (branched from the Tripwire code in 2000) is still being developed at http://sourceforge.net/projects/tripwire/. In comparison, AIDE is entirely open source and licensed via the GPL.

Whilst essentially very similar in functionality, in my opinion there does seem to be more regular development on AIDE with more features and updates being released. The open source Tripwire version was last updated in 2005.

This was first published in January 2007

There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: