Librenix  
Information for Linux System Administration 

Security Tutorial: Tripwire: Introduction and use

Use Tripwire so that you will be able to tell if your system becomes compromised or even innocently corrupted.
Tripwire is an Open Source program created to monitor changes in a key subset of files identified by you, and to report on any changes in any of those files. When changes are detected, you, as the sysadmin, can determine whether those changes occurred due to normal, permitted activity, or whether they were caused by a break-in. If the former, you can update the system baseline to the new files. If the latter, you can shut down and begin repair and forensic activities.

Tripwire's principle is simple enough. The sysadmin identifies key files and has Tripwire record checksums for those files. He also puts in place a cron job to scan those files at intervals (daily or more frequently), comparing each file against its original checksum. Any changes, additions or deletions are reported, so the proper action can be taken.
-Ray, May 15, 2003
Articles are owned by their authors.   © 2000-2012 Ray Yeargin