Advanced Intrusion Detection Environment vs. Tripwire

What is the difference between Advanced Intrusion Detection Environment and Tripwire?

What is the difference between Advanced Intrusion Detection Environment and Tripwire?

AIDE and Tripwire are both File Integrity Agents (FIAs). An FIA monitors the integrity and state of the files and...

objects on your host. If it detects changes to those files, then alerts the administrator that an unauthorized access or change has taken place. FIAs usually take a hash of all files to be monitored using an algorithm like MD5. The snapshot is periodically checked against the current hash of the file and any variations alerted on.

One of the key differences between Tripwire and AIDE is their commercial status. Tripwire was originally a free, open source product and is now a commercial product. However, a free version of Tripwire (branched from the Tripwire code in 2000) is still being developed at http://sourceforge.net/projects/tripwire/. In comparison, AIDE is entirely open source and licensed via the GPL.

Whilst essentially very similar in functionality, in my opinion there does seem to be more regular development on AIDE with more features and updates being released. The open source Tripwire version was last updated in 2005.

This was last published in January 2007

Dig Deeper on Linux security risks and threats

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

Join the conversation

1 comment

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.

This title is rather misleading, and the reporting is incomplete. There is no dateline with the byline, so perhaps this is from many years ago, but it must be from several years after 2005. In my experience, when people bring up "Tripwire" today (late 2012), they mean the commercial product, which is much broader than just the FIA, and is actively developed. When people mean the FLOSS tool they specify with something like "the open-source Tripwire."

I really hoped to see more of a comparison/contrast of a strong FLOSS tool and a strong commercial tool. Please update with some more details.