Difference between revisions of "Tripwire"
From Alessandro's Wiki
(Created page with " = tripwire = http://www.tripwire.com/ * tripwire is a security tool to check for modified system files. == configuration / installation == * installaing from repositories: ...") |
|||
Line 1: | Line 1: | ||
http://www.tripwire.com/ | http://www.tripwire.com/ |
Revision as of 06:41, 22 September 2011
- tripwire is a security tool to check for modified system files.
configuration / installation
- installaing from repositories:
apt-get install tripwire
- red-hat
yum install tripwire
- Generate database with passwords:
tripwire -m i
- edit config file:
vi /etc/tripwire/twcfg.txt
- change this to false at first run. Put it back to true after directory rescan.
LOOSEDIRECTORYCHECKING =true
- edit policy file:
vi /etc/tripwire/twpol.txt
- adapt policy to the system:
tripwire --update-policy -Z low /etc/tripwire/twpol.txt