Suse & OpenSuse Tips » cron http://www.susetips.com Tricks, Guides, Tutorials, How Tos and Troubleshooting suse linux Sat, 05 Jun 2010 17:55:24 +0000 en hourly 1 http://wordpress.org/?v=3.0.1 Tripwire : Open Source Security Utility http://www.susetips.com/2009/04/04/tripwire-open-source-security-utility/ http://www.susetips.com/2009/04/04/tripwire-open-source-security-utility/#comments Sat, 04 Apr 2009 13:10:04 +0000 admin http://www.susetips.com/2009/04/04/tripwire-open-source-security-utility/ Post from: Suse & OpenSuse Tips
-----------------------------------------------------------------------

Tripwire : Open Source Security Utility

]]> tripwire-security-linux

In term of security, there are many basic security tools that you can add. Tripwire is one of the best file system monitoring tools around. In a nutshell, Tripwire helps to record information about important files (such as checksums) in a database. If anything changes in those files, Tripwire will catch the change when it runs (configure it as often as you like with cron) and will alert you.

Tripwire OpenSource project is based on codes that is originally contributed by Tripwire, Inc. in 2000. Tripwire can alert systems administrators whenever there is any possible intrusion attempts by periodically verifying the integrity of a server’s file systems. It is known that most systems intruders will often use trojan binaries for login, su, ps, and ls, etc. to cover their tracks and keep a low profile on the system. Thus, under normal circumstances even astute systems administrators may not observe the intrusion because the trojan binaries mimic the system binaries so well. By using a strong checksum method similar to MD5,

Tripwire can identify with absolute certainty whether or not a file has been modified, unlike similar programs that use weaker algorithms such as CRC to calculate checksums. While useful for detecting intrusions after the event, it can also serve many other purposes, such as integrity assurance, change management, and policy compliance.

Installation

To install Tripwire, you may issue the following commands as root: 

  tar xvzf tripwire-2.3-47.i386.tar.gz

  rpm -ivh tripwire-2.3-47.i386.rpm

Once the software is installed with rpm, the installation shell script will need to be executed to finish the Tripwire installation. This is done by issuing the command: 

  /etc/tripwire/twinstall.sh

as root. Note that all Tripwire associated files are kept in the /etc/tripwire directory.

Download Tripwire

Post from: Suse & OpenSuse Tips
-----------------------------------------------------------------------

Tripwire : Open Source Security Utility

---
Related Articles at Suse & OpenSuse Tips:


]]> http://www.susetips.com/2009/04/04/tripwire-open-source-security-utility/feed/ 0