AIDE and Tripwire are both File Integrity Agents (FIAs). An FIA monitors the integrity and state of the files and objects on your host. If it detects changes to those files, then alerts the administrator that an unauthorized access or change has taken place. FIAs usually take a hash of all files to be monitored using an algorithm like MD5. The snapshot is periodically checked against the current hash of the file and any variations alerted on.
One of the key differences between Tripwire and AIDE is their commercial status. Tripwire was originally a free, open source product and is now a commercial product. However, a free version of Tripwire (branched from the Tripwire code in 2000) is still being developed at http://sourceforge.net/projects/tripwire/. In comparison, AIDE is entirely open source and licensed via the GPL.
Whilst essentially very similar in functionality, in my opinion there does seem to be more regular development on AIDE with more features and updates being released. The open source Tripwire version was last updated in 2005.
Dig Deeper on Linux servers
Related Q&A from James Turnbull
Solaris 10 Trusted Extensions and SELinux are best suited to different system requirements and administrator skill sets. Our security expert explains... Continue Reading