maride/hacktricks
1
0
Fork 0
mirror of https://github.com/HackTricks-wiki/hacktricks.git synced 2025-10-10 18:36:50 +00:00
Code Issues Packages Projects Releases Wiki Activity
hacktricks/src/generic-methodologies-and-resources/basic-forensic-methodology/file-integrity-monitoring.md

27 lines
1.6 KiB
Markdown
Raw Blame History

{{#include ../../banners/hacktricks-training.md}}
# Msingi
Msingi unajumuisha kuchukua picha ya sehemu fulani za mfumo ili **kuilinganisha na hali ya baadaye ili kuonyesha mabadiliko**.
Kwa mfano, unaweza kuhesabu na kuhifadhi hash ya kila faili ya mfumo wa faili ili uweze kugundua ni faili zipi zilizobadilishwa.\
Hii inaweza pia kufanywa na akaunti za watumiaji zilizoundwa, michakato inayoendesha, huduma zinazotumika na chochote kingine ambacho hakipaswi kubadilika sana, au hata kidogo.
## Ufuatiliaji wa Uadilifu wa Faili
Ufuatiliaji wa Uadilifu wa Faili (FIM) ni mbinu muhimu ya usalama inayolinda mazingira ya IT na data kwa kufuatilia mabadiliko katika faili. Inajumuisha hatua mbili muhimu:
1. **Ulinganisho wa Msingi:** Kuanzisha msingi kwa kutumia sifa za faili au checksums za kificho (kama MD5 au SHA-2) kwa ajili ya ulinganisho wa baadaye ili kugundua mabadiliko.
2. **Arifa za Mabadiliko ya Wakati Halisi:** Pata arifa za papo hapo wakati faili zinapofikiwa au kubadilishwa, kawaida kupitia nyongeza za kernel za OS.
## Zana
- [https://github.com/topics/file-integrity-monitoring](https://github.com/topics/file-integrity-monitoring)
- [https://www.solarwinds.com/security-event-manager/use-cases/file-integrity-monitoring-software](https://www.solarwinds.com/security-event-manager/use-cases/file-integrity-monitoring-software)
## Marejeleo
- [https://cybersecurity.att.com/blogs/security-essentials/what-is-file-integrity-monitoring-and-why-you-need-it](https://cybersecurity.att.com/blogs/security-essentials/what-is-file-integrity-monitoring-and-why-you-need-it)
{{#include ../../banners/hacktricks-training.md}}
Reference in New Issue View Git Blame Copy Permalink