Signed-off-by: Jeffrey Blank blank@eclipse.ncsc.mil --- RHEL6/input/system/software/integrity.xml | 9 ++++++--- 1 files changed, 6 insertions(+), 3 deletions(-)
diff --git a/RHEL6/input/system/software/integrity.xml b/RHEL6/input/system/software/integrity.xml index b6e69bf..83a8287 100644 --- a/RHEL6/input/system/software/integrity.xml +++ b/RHEL6/input/system/software/integrity.xml @@ -4,15 +4,18 @@ Both the AIDE (Advanced Intrusion Detection Environment) software and the RPM package management system provide mechanisms for verifying the integrity of installed software. -AIDE is the successor to the well-known Tripwire integrity -checker. The RPM package management system can conduct integrity +AIDE uses snapshots of file metadata (such as hashes) and compares these +to current system files in order to detect changes. +The RPM package management system can conduct integrity checks by comparing information in its metadata database with files installed on the system. <br /><br /> Integrity checking cannot <i>prevent</i> intrusions into your system, but can detect that they have occurred. Requirements for software integrity checking may be highly dependent on -the environment in which the system will be used. +the environment in which the system will be used. Snapshot-based +approaches such as AIDE may induce considerable overhead +in the presence of frequent software updates. </description>
<Group id="aide">