Implementation of a File Integrity Check System

by Don Mosley Oct. 1, 2017 via Infosecwriters

The area of real-time Intrusion Detection and Prevention utilizing intelligent routers or various network attached appliances has received much press in the last few years. Should any of these defenses provide less than 100% effective coverage the user will be left unaware of any 'mischief' that might have gotten through. There is still a need for non real-time scanning of system files to determine any unauthorized modifications. This type of audit is often the only effective way to spot malicious activity originating from inside the enterprise network. This paper will outline mechanisms and practices for effective file integrity checking.

http://www.infosecwriters.com/Papers/DMosley_File_Integrity.pdf

Avatar
Irina Alexandra Negrii 1 week ago

FIM tracks who accesses sensitive data as well as any changes that occur to the data..its methods involve comparing between a good, known baseline of a file and the current state of the file and also includes an audit trail, which allows IT professionals to validate changes, ensuring that they don’t jeopardize data integrity.

Reply