
Sid – Static Intrusion Detection for NetBSD - vezzy-fnord
https://mail-index.netbsd.org/source-changes/2015/09/24/msg069028.html
======
hga
I have to wonder if the author is a _U.F.O._ TV series fan:
[http://ufoseries.com/guide/sid.html](http://ufoseries.com/guide/sid.html)

------
atmosx
This is an AIDE BSD clone[1]. I'm not sure how many people run these tools on
their systems these days. Current systems are highly dynamic, I'm not sure
about the amount of protection an intrusion detection system based on file
changes offers today.

[1] [http://aide.sourceforge.net/](http://aide.sourceforge.net/)

~~~
vezzy-fnord
NetBSD has already had kernel-level file signature integrity for a while in
the form of Veriexec [1], I assume this is a continuation of established
precedent.

[1] [https://www.netbsd.org/docs/guide/en/chap-
veriexec.html](https://www.netbsd.org/docs/guide/en/chap-veriexec.html)

------
jschwartzi
It could be useful in an embedded environment provided you can feed it a hash
whitelist. There are probably tons of routers and other hardware out there
with little to no runtime integrity checking simply because it costs
engineering effort to implement.

