hacktricks/forensics/basic-forensic-methodology/file-integrity-monitoring.md

{% hint style="success" %}
Jifunze na zoezi la AWS Hacking: <img src="/.gitbook/assets/arte.png" alt="" data-size="line"> [**Mafunzo ya HackTricks ya Mtaalam wa Timu Nyekundu ya AWS (ARTE)**](https://training.hacktricks.xyz/courses/arte) <img src="/.gitbook/assets/arte.png" alt="" data-size="line"> \
Jifunze na zoezi la GCP Hacking: <img src="/.gitbook/assets/grte.png" alt="" data-size="line"> [**Mafunzo ya HackTricks ya Mtaalam wa Timu Nyekundu ya GCP (GRTE)** <img src="/.gitbook/assets/grte.png" alt="" data-size="line">](https://training.hacktricks.xyz/courses/grte)

<details>

<summary>unga mkono HackTricks</summary>

* Angalia [**mpango wa usajili**](https://github.com/sponsors/carlospolop)!
* **Jiunge na** 💬 [**Kikundi cha Discord**](https://discord.gg/hRep4RUj7f) au kikundi cha [**telegram**](https://t.me/peass) au **tufuate** kwenye **Twitter** 🐦 [**@hacktricks\_live**](https://twitter.com/hacktricks\_live)**.**
* **Shiriki mbinu za udukuzi kwa kuwasilisha PRs kwa** [**HackTricks**](https://github.com/carlospolop/hacktricks) na [**HackTricks Cloud**](https://github.com/carlospolop/hacktricks-cloud) github repos.

</details>
{% endhint %}


# Kiwango cha Msingi

Kiwango cha msingi kinajumuisha kuchukua picha ya sehemu fulani ya mfumo ili **kulinganisha na hali ya baadaye ili kubaini mabadiliko**.

Kwa mfano, unaweza kuhesabu na kuhifadhi hash ya kila faili kwenye mfumo wa faili ili uweze kugundua ni faili zipi zilizobadilishwa.\
Hii pia inaweza kufanywa na akaunti za watumiaji zilizoundwa, michakato inayoendeshwa, huduma zinazoendeshwa na chochote kingine ambacho hakitakiwi kubadilika sana, au kabisa.

## Ufuatiliaji wa Uadilifu wa Faili

Ufuatiliaji wa Uadilifu wa Faili (FIM) ni mbinu muhimu ya usalama inayolinda mazingira ya IT na data kwa kufuatilia mabadiliko katika faili. Inajumuisha hatua mbili muhimu:

1. **Ulinganisho wa Kiwango cha Msingi:** Weka kiwango cha msingi kwa kutumia sifa za faili au checksums za kryptografiki (kama MD5 au SHA-2) kwa kulinganisha baadaye ili kugundua mabadiliko.
2. **Arifa za Mabadiliko Halisi:** Pata arifa za papo hapo wakati faili zinapofikiwa au kuhaririwa, kawaida kupitia nyongeza za msingi wa OS.

## Vyombo

* [https://github.com/topics/file-integrity-monitoring](https://github.com/topics/file-integrity-monitoring)
* [https://www.solarwinds.com/security-event-manager/use-cases/file-integrity-monitoring-software](https://www.solarwinds.com/security-event-manager/use-cases/file-integrity-monitoring-software)

## Marejeo

* [https://cybersecurity.att.com/blogs/security-essentials/what-is-file-integrity-monitoring-and-why-you-need-it](https://cybersecurity.att.com/blogs/security-essentials/what-is-file-integrity-monitoring-and-why-you-need-it)


{% hint style="success" %}
Jifunze na zoezi la AWS Hacking: <img src="/.gitbook/assets/arte.png" alt="" data-size="line"> [**Mafunzo ya HackTricks ya Mtaalam wa Timu Nyekundu ya AWS (ARTE)**](https://training.hacktricks.xyz/courses/arte) <img src="/.gitbook/assets/arte.png" alt="" data-size="line"> \
Jifunze na zoezi la GCP Hacking: <img src="/.gitbook/assets/grte.png" alt="" data-size="line"> [**Mafunzo ya HackTricks ya Mtaalam wa Timu Nyekundu ya GCP (GRTE)** <img src="/.gitbook/assets/grte.png" alt="" data-size="line">](https://training.hacktricks.xyz/courses/grte)

<details>

<summary>unga mkono HackTricks</summary>

* Angalia [**mpango wa usajili**](https://github.com/sponsors/carlospolop)!
* **Jiunge na** 💬 [**Kikundi cha Discord**](https://discord.gg/hRep4RUj7f) au kikundi cha [**telegram**](https://t.me/peass) au **tufuate** kwenye **Twitter** 🐦 [**@hacktricks\_live**](https://twitter.com/hacktricks\_live)**.**
* **Shiriki mbinu za udukuzi kwa kuwasilisha PRs kwa** [**HackTricks**](https://github.com/carlospolop/hacktricks) na [**HackTricks Cloud**](https://github.com/carlospolop/hacktricks-cloud) github repos.

</details>
{% endhint %}