The open source Tripwire® is a file integrity checker package that has been around for years and, though I have used it many times on Linux® distributions, I have only recently got around to using it on AIX®. This is mainly due to the following:

* It is troublesome to compile using the gcc AIX version.
* I prefer using the AIX built-in audit service.

However, as there is now a Tripwire rpm for AIX, I use it for some of our AIX boxes. Tripwire does not provide a complete solution to intruder detection based on file changes, but coupled with running an AIX audit, it provides a firm security policy. Tripwire monitors for changes to files and directories on your system via the objects that you provide in the main policy file.