$ head -n 4 /usr/sbin/fimd
# ./fimd: Simplified File & Server integrity monitor 
# ./fimd is a simple cloud-based file integrity monitor to detect
#        changes to a Linux server. It is supposed to not be noisy
#        like most integrity checkers.

./FIMD - File Integrity Monitor Daemon

./fimd is a very simple system integrity monitor for Linux servers. All you run on your server is a small shell script (easy to audit) that collects the current state of the server. It detects changes to files, ports, iptables rules, cron jobs and the RPM/Deb database. The checksum is stored in the "cloud", so even if your server is compromised you can still see what was changed.

Note that ./fimd is not a full server security solution and it only covers the FIM (state changes) monitoring. You still need to watch your logs (OSSEC is recommended), use a firewall and keep your server updated.

Installation

Could not be easier (3 steps):

Step 1: Create an account here: Sign up. It will generate an API key for you.

Step 2: Once the API is created, run this command on the terminal of the servers you want covered: "wget https://fimd.dcid.me/fimd.sh; sh ./fimd.sh". It will ask for your API key and once provided, you don't have to do anything else.

Step 3: You are set. You can login here to see the results and updates: Login.





Home | Login or Signup