Tripwire

From Alessandro's Wiki
Revision as of 06:41, 22 September 2011 by Xunil

tripwire

http://www.tripwire.com/

  • Tripwire is a security tool that checks for modified system files.

configuration / installation

  • installing from repositories:
apt-get install tripwire
  • Red Hat:
yum install tripwire

  • Generate database with passwords:
tripwire -m i
  • edit config file:
vi /etc/tripwire/twcfg.txt
  • set the following option to false for the first run, and put it back to true after the directory rescan:

LOOSEDIRECTORYCHECKING =true

  • edit policy file:
vi /etc/tripwire/twpol.txt
  • adapt policy to the system:
tripwire --update-policy -Z low /etc/tripwire/twpol.txt
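
To show what the LOOSEDIRECTORYCHECKING switch above changes in a report, here is an added example (not from the original page and not Tripwire's own code): a small Python model of a baseline-and-check cycle. It assumes the documented behaviour of loose directory checking, simplified here to ignoring a directory's own size, link count and timestamps; the function names and the sample files are constructed for illustration.

```python
import hashlib
import os
import tempfile
from pathlib import Path

# Directory properties that shift whenever an entry is added or removed.
LOOSE_IGNORED = {"size", "nlink", "mtime", "ctime"}

def snapshot(root):
    """Record the tracked properties of every directory and file under root."""
    db = {}
    for dirpath, _dirs, files in os.walk(root):
        st = os.stat(dirpath)
        db[os.path.relpath(dirpath, root)] = {
            "is_dir": True, "mode": st.st_mode, "size": st.st_size,
            "nlink": st.st_nlink, "mtime": st.st_mtime_ns, "ctime": st.st_ctime_ns}
        for name in files:
            path = Path(dirpath, name)
            db[os.path.relpath(path, root)] = {
                "is_dir": False, "mode": path.stat().st_mode,
                "sha256": hashlib.sha256(path.read_bytes()).hexdigest()}
    return db

def check(baseline, current, loose_directory_checking):
    """Compare two snapshots and return sorted added/removed/modified paths."""
    added, removed = current.keys() - baseline.keys(), baseline.keys() - current.keys()
    report = {"added": sorted(added), "removed": sorted(removed), "modified": []}
    for path in sorted(baseline.keys() & current.keys()):
        old, new = baseline[path], current[path]
        both_dirs = old["is_dir"] and new["is_dir"]
        skip = LOOSE_IGNORED if loose_directory_checking and both_dirs else set()
        if any(old.get(k) != new.get(k) for k in (old.keys() | new.keys()) - skip):
            report["modified"].append(path)
    return report

def demo():
    """Constructed scenario: one file is tampered with and one is dropped in."""
    with tempfile.TemporaryDirectory() as root:
        Path(root, "sshd_config").write_text("PermitRootLogin no\n")
        os.utime(root, ns=(0, 0))  # backdate so the mtime change is unambiguous
        baseline = snapshot(root)
        Path(root, "sshd_config").write_text("PermitRootLogin yes\n")
        Path(root, "new_binary").write_text("constructed sample\n")
        current = snapshot(root)
        return check(baseline, current, False), check(baseline, current, True)

if __name__ == "__main__":
    for label, report in zip(("strict", "loose"), demo()):
        print(label, report)
```

In the strict report the parent directory shows up as modified alongside the real findings; in the loose report only the tampered file and the added file remain, while a permission change on a directory is still reported in both modes.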