[ Thanks to Falko
Timme for this link. ]
“A file integrity scanner is something you need to
have. Imagine a hacker placing a backdoor on your web site, or
changing your order form to email him a copy of everyone’s credit
card while leaving it appear to be functionally normally.“By setting up daily reporting, this notifies you within, at
most, 24 hours of when any file was changed, added, or removed. It
also helps establish an audit trail in the event your site is
compromised.“These instructions are designed for an end user, where you
don’t need to have root access, to implement and assumes your
server has the aide binary installed. Most hosts will have this
installed already, or will install it for you upon request.“Step 1: Download A Sample AIDE config file
“We will start with a simple one, this will scan your web root
directory for md5 hash changes.“To download the file, SSH into your account and run:
$ wget securehostingdirectory.com/aide.conf