AIDE Intrusion Detection Over SSHFS
To explain why and how I've done this, I'm going to talk a little about my home-security measures/architecture, which I'm not too comfortable about. However, security-through-obscurity isn't security at all so here goes... I've used AIDE ( the intrusion detection program , not the Android IDE) for years now to improve my confidence that nobody is poking around on the home machines I have open to the internet. I have my internet-visible machines on their own separate subnet under a dedicated router. I call it a DMZ , even though I'm not 100% sure that's technically accurate in my case. Anyway, my normal trusted subnet sits under a different router, so I can be fairly confident nothing can get in from the DMZ to my trusted subnet. However, to run the intruder detection checks, I have a machine on the trusted subnet ssh in to each of the DMZ machines in turn (copying the static-linked binary and database over each time before running the check). Ubu...