Steps to install AIDE on Solaris
--------------------------------
*Tested on Solaris 9 x86, Solaris 10 SPARC*
1. Download Solaris 9 Software Companion .iso from SUN and install software
2. Download the following files from www.sunfreeware.com
*aide
*mhash
3. Put them in a directory called /packages
4. Install them with pkgadd command, after cd'ing to the directory
pkgadd -d all
5. Add the path to AIDE to your path
PATH=$PATH:/usr/local/bin/
export PATH
6. Create the /usr/local/etc/ directory
cd /usr/local
mkdir etc
cd etc
*make sure you are not in /etc
7. Create the aide.conf file
vi aide.conf
8. Put the following entries in the .conf file
#AIDE conf
myrule=p+u+g+n+md5
/etc myrule #check permissions, user, group, md5, link names
NOTE: This is only a portion of the options, see rules and options below, and it only
checks the /etc directory (I chose this since it is where major files like, passwd, shadow,
services and other key files reside)
9. Save the file
:wq
10. Initialize the database
aide -i
11. A file is created in the /usr/local/etc/ directory
aide.db.new
12. Copy the file to aide.db
cp aide.db.new aide.db
13. Save the aide.db.new to a secure location (actually you should remove the aide.db.new and only
put it back in the /usr/local/etc directory when you want to test - see info next)
14. To test the directories/files specified in the .conf file run the following:
aide --check
15. You will see errors and updated md5 checksums when you run this, if there are changes
to any files you will see them
16. Run aide --update to update the aide.db.new if you are okay with anything that has changed
17. Save it to a secure location
18. Add entries to your crontab (root) to process the daily check:
00 12 * * * /usr/sbin/aide --check > /root/aide.log
15 12 * * * /bin/mail -s "aide log" root </root/aide.log
NOTE: you must use the correct path to aide, the log file you create and the sendmail binary
THE END
