Why You Shouldn't Use Microsoft Windows11.


LMDE5 - Linux Mint Debian Edition.

LMDE5 -...

Why Should I Not Use Windows10?

Here are a...

AIDE - Advanced Intrusion Detection Environment


AIDE - Advanced Intrusion Detection Environment.

AIDE is a file and directory integrity checker and is available in Debian 11 "Bullseye" repository and LMDE5.

Advanced Intrusion Detection Environment - static binary AIDE is an intrusion detection system that detects changes to files on the local system.

It creates a database from the regular expression rules that it finds from the config file. Once this database is initialized it can be used to verify the integrity of the files. It has several message digest algorithms (md5, sha1, rmd160, tiger, haval, etc.) that are used to check the integrity of the file. More algorithms can be added with relative ease. All of the usual file attributes can also be checked for inconsistencies.

License: GNU/GPLv2


  • supported message digest algorithms: md5, sha1, rmd160, tiger, crc32, sha256, sha512, whirlpool (additionally with libmhash: gost, haval, crc32b)
  • supported file attributes: File type, Permissions, Inode, Uid, Gid, Link name, Size, Block count, Number of links, Mtime, Ctime and Atime
  • support for Posix ACL, SELinux, XAttrs and Extended file system attributes if support is compiled in
  • plain text configuration files and database for simplicity
  • powerful regular expression support to selectively include or exclude files and directories to be monitored
  • gzip database compression if zlib support is compiled in
  • stand alone static binary for easy client/server monitoring configurations
  • and many more...

The current stable version of AIDE is 0.17.4, but you need to download it here.

If you don't want to, you can install from Debians repository and get Version: 0.17.3-4+deb11u1.

How to install via a terminal window from Debian's repository:

sudo apt-get install aide

Press Enter.

Other supported distributions:

  • Debian: sudo apt install aide
  • Ubuntu: sudo apt install aide
  • LMDE5:  sudo apt install aide
  • FreeBSD: pkg install aide
  • Gentoo: emerge aide
  • Homebrew: brew install aide
  • MacPorts: port install aide
  • NixOS: nix-env -iA nixos.aide
  • OpenBSD: pkg_add aide
  • openSUSE: zypper install aide
  • Red Hat | CentOS | Fedora: yum install aide

Run this command:

sudo aide -v

Press Enter.


user@computer:~$ aide -v
Aide 0.17.3

Compiled with the following options:


Default config values:
config file: <none>
database_in: <none>
database_out: <none>

Available hashsum groups:
md5: yes
sha1: yes
sha256: yes
sha512: yes
rmd160: yes
tiger: yes
crc32: yes
crc32b: yes
haval: yes
whirlpool: yes
gost: yes
stribog256: no
stribog512: no

Default compound groups:
R: l+p+u+g+s+c+m+i+n+md5+acl+selinux+xattrs+ftype+e2fsattrs+caps
L: l+p+u+g+i+n+acl+selinux+xattrs+ftype+e2fsattrs+caps
>: l+p+u+g+i+n+acl+S+selinux+xattrs+ftype+e2fsattrs+caps
H: md5+sha1+rmd160+tiger+crc32+haval+gost+crc32b+sha256+sha512+whirlpool
X: acl+selinux+xattrs+e2fsattrs+caps

You should open the configuration using your favorite editor:

sudo gedit /etc/aide.conf

Press Enter.

It has directives that define the database location, report location, default rules, the directories/files to be included in the database.

You should research recommended settings:

PERMS = p+u+g+acl+selinux+xattrs

The PERMS rule is used for access control only, it will detect any changes to file or directories based on file/directory permissions, user, group, access control and permissions.

To check file content and file type:

CONTENT = sha256+ftype

An extended version of the previous rule, that checks extended content, file type and access:

CONTENT_EX = sha256+ftype+p+u+g+n+acl+selinux+xattrs

DATAONLY rule below will detect any changes in data inside all files/directories:

DATAONLY =  p+n+u+g+s+acl+selinux+xattrs+sha256

Now that you have defined rules, you can specify the file and directories to watch. The following definition will check permissions for all files in root directory.

/root/\..*  PERMS

Check all files in the /root directory for any changes.

/root/   CONTENT_EX

Will help you detect any changes in data inside all files/directory under /etc/

To detect any changes in data inside all files/directory under /etc/:

/etc/   DATAONLY

Use AIDE to Check File and Directory Integrity in Linux:

sudo aide --init

Now rename the database to /var/lib/aide/aide.db.gz before proceeding.

sudo mv /var/lib/aide/aide.db.new.gz /var/lib/aide/aide.db.gz

I recommended you move the database to a secure location.

Once the database is created, you can check the integrity of the files and directories:

sudo aide --check

It will comprare the snapshot in the database to the files/directories found on your system disk. If it finds changes,that you might not expect, it generates a report which you can then review.

Developers website


Help us by donating a small amount

If you find this site helpful, please consider donating a small amount.
Please use our contact us form and we will give you the relevant information to make a donation.
We accept BitCoin and ZCash at the moment.

Games For Linux

Windows has always been the preferred platform for gaming, but after STEAM's interest in Linux more game developers are making their games natively available for Linux.


All information on this website is published in good faith and for general educational purposes and for use in safe testing environments only. While linuxexperten.com strives to make the information on this site as accurate as possible, linuxexperten.com does not warrant its completeness, reliability and accuracy.

We are not responsible for any losses or damages associated with the use of our website. While we strive to provide only links to useful websites, we have no control over the content of these sites and links to other sites do not constitute a recommendation for all content contained on these websites.


Site Information

This is a professional review site that receives compensation from the companies whose products reviewed. Each service or product are thoroughly tested and given high marks if considered to be the very best. Independently owned and the opinions expressed here are no one elses.


Limited Time Offers

NordVPN + 3 Months