Difference between revisions of "Tripwire"
From Alessandro's Wiki
Revision as of 07:58, 22 September 2011
- Tripwire is a security tool that checks for modified system files.
configuration / installation
installing from repositories
- debian based
apt-get install tripwire
- red-hat based
yum install tripwire
- gentoo
emerge app-admin/tripwire
first run
- first install:
/etc/tripwire/twinstall.sh
- Generate database with passwords:
tripwire -m i
- edit config file:
vi /etc/tripwire/twcfg.txt
- change this to false for the first run. Put it back to true after the directory rescan.
LOOSEDIRECTORYCHECKING =true
- edit policy file:
vi /etc/tripwire/twpol.txt
- adapt policy to the system:
tripwire --update-policy -Z low /etc/tripwire/twpol.txt
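
The LOOSEDIRECTORYCHECKING switch from the steps above, scripted so that the false/true change around the rescan is repeatable and leaves a backup. This is an added example, not part of the original wiki page or of Tripwire itself; the helper names (`make_sample_cfg`, `get_loose_dircheck`, `set_loose_dircheck`) and the sample file contents are assumptions.

```shell
#!/bin/sh
# Added example: helper names are hypothetical, not Tripwire commands.

# make_sample_cfg FILE: write a constructed twcfg.txt excerpt for testing.
make_sample_cfg() {
    cat > "$1" <<'EOF'
ROOT          =/usr/sbin
POLFILE       =/etc/tripwire/tw.pol
LOOSEDIRECTORYCHECKING =true
REPORTLEVEL   =3
EOF
}

# get_loose_dircheck FILE: print the value from the last matching line.
get_loose_dircheck() {
    sed -En 's/^[[:space:]]*LOOSEDIRECTORYCHECKING[[:space:]]*=[[:space:]]*([A-Za-z]+).*/\1/p' "$1" | tail -n 1
}

# set_loose_dircheck FILE true|false
# Rewrites the setting in place, appends it if the key is absent,
# and keeps the previous file as FILE.bak.
set_loose_dircheck() {
    cfg=$1
    val=$2
    case $val in
        true|false) ;;
        *) echo "value must be true or false" >&2; return 2 ;;
    esac
    [ -f "$cfg" ] || { echo "no such file: $cfg" >&2; return 1; }
    tmp=$(mktemp "$cfg.XXXXXX") || return 1
    if grep -Eq '^[[:space:]]*LOOSEDIRECTORYCHECKING[[:space:]]*=' "$cfg"; then
        sed -E "s/^([[:space:]]*LOOSEDIRECTORYCHECKING[[:space:]]*=).*/\1$val/" "$cfg" > "$tmp"
    else
        { cat "$cfg"; printf 'LOOSEDIRECTORYCHECKING =%s\n' "$val"; } > "$tmp"
    fi
    # cat into the original keeps its owner and mode; mv would not.
    cp -p "$cfg" "$cfg.bak" && cat "$tmp" > "$cfg" && rm -f "$tmp"
}
```

Tripwire reads the signed configuration file rather than twcfg.txt, so regenerate it with `twadmin --create-cfgfile` after each change.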