Recommendations On A Simple HIDS For A Desktop User?
Unless the user has root access, those utilities may be overdoing it a bit.
clamav and some common sense (don't scan for PUA and only scan /home/<user>)
rkhunter with proper configuration.
Security isn't an "app", it is a process.
And IF the OS isn't something stable or maintained, why bother?
Each OS is slightly different, but nothing works if it is not regularly maintained.
Your "LOL" may be stemming from critical missing info from your post, like OS build channel (LTS vs non-LTS).
The more you offer, the more you are likely to get out of such requests. LOL.
Why would AIDE be "outdated"?
Last edited by Habitual; 01-30-2018 at 11:42 AM.
Reason: punctuation, of course.
I use it. You just have to run it as soon as you have all your programs installed for a database, and copy the original output file to a Flash Drive for comparison. It puts out a lot of info and you need to know what to look for in abnormal changes when running it to compare databases, so it can be confusing.
I actually rely more on rkhunter for file changes on FreeBSD, but OpenBSD considers it a gimmick and it isn't even in their repository.
You also used an acronym in your post title – HIDS – that might not be familiar to many people, and your OP doesn't offer any definition for that acronym. (It sounds like an unpleasant disease ...)
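The baseline-and-compare workflow described for AIDE earlier in the thread, as an added sketch that is not from any poster and is not AIDE's own code. It is a minimal Python stand-in that shows why the copy on the flash drive matters: if the database left on the machine is rebuilt after files change, only the offline copy still reports the differences. All file names and contents are constructed for the demonstration.

```python
import hashlib, json, os, tempfile

def snapshot(root):
    """Map each file path (relative to root) to its SHA-256 digest."""
    db = {}
    for dirpath, _, names in os.walk(root):
        for name in names:
            path = os.path.join(dirpath, name)
            with open(path, "rb") as fh:
                db[os.path.relpath(path, root)] = hashlib.sha256(fh.read()).hexdigest()
    return db

def write(path, data):
    os.makedirs(os.path.dirname(path), exist_ok=True)
    with open(path, "wb") as fh:
        fh.write(data)

def save(db, path):
    write(path, json.dumps(db, sort_keys=True).encode())

def load(path):
    with open(path) as fh:
        return json.load(fh)

def compare(baseline, current):
    """Return (added, removed, changed) path lists between two snapshots."""
    added = sorted(set(current) - set(baseline))
    removed = sorted(set(baseline) - set(current))
    changed = sorted(p for p in set(baseline) & set(current) if baseline[p] != current[p])
    return added, removed, changed

def demo():
    """Constructed scenario: files change and the on-disk database is rebuilt."""
    with tempfile.TemporaryDirectory() as tmp:
        root = os.path.join(tmp, "root")
        local_db = os.path.join(tmp, "db.json")             # database left on the machine
        offline_db = os.path.join(tmp, "flash", "db.json")  # stands in for the flash drive
        write(os.path.join(root, "bin", "ls"), b"original")
        write(os.path.join(root, "etc", "hosts"), b"127.0.0.1 localhost\n")
        save(snapshot(root), local_db)                      # baseline right after install
        save(load(local_db), offline_db)                    # copy kept off the machine
        write(os.path.join(root, "bin", "ls"), b"modified") # later changes
        write(os.path.join(root, "bin", "extra"), b"new file")
        save(snapshot(root), local_db)                      # on-disk database overwritten
        now = snapshot(root)
        return compare(load(local_db), now), compare(load(offline_db), now)

if __name__ == "__main__":
    print(demo())
```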