What is Tripwire?
Tripwire is a form intrusion detection system (IDS) that helps you keep tabs on the integrity of the files on your computer. Quite simply it will help identify files or modifications made to your system in the event someone compromised your system.
How does Tripwire work?
Tripwire works on a pretty easy to understand concept. Basically, when you install Tripwire on your linux box you tell it to scan your system and create a database of checksums and information. Once you have a good reference point or database setup, you then scan your system on a regular basis for modifications to your file system.
Why would I want run a file system integrity software?
If you have ever had your system compromised by a cracker, it's an extremely frustrating time. You never know what they have done, where they have been, or what files they have modified or installed. This type of application helps in the recovery process. Quite often crackers will installed a group of applications on your system called a rootkit. A rootkit overwrites many of your commonly used system files to help hide the tracks of the cracker, or leave a backdoor on your system so he can return at a later date. Often the types of files modified are ones such as ps and netstat. By installing their own version of applications like these they can hide the fact there is additional daemons and processes running the background.
How do I put Tripwire to practical use?
Tripwire can be configured to send you e-mails at a set time interval via Sendmail or SMTP. On small systems it wouldn't be unreasonable to have your system checked several times a day and have Tripwire e-mail you the results. If you don't want the results e-mailed you can store the information in a file for later review. I believe it is a handy tool to have the logs e-mailed to you, so a problem can be quickly identified.
Thought Tripwire won't protect you from hackers, it will help you identify the level of which your system has been compromised and if scanned at regular time intervals should help you reduce the amount of time for which your system has been compromised. If your system has been broken in to, then the best thing to do is isolate the machine from the network and rebuilt it from know good backups and try to determine the method of entry.
Ken Dennis
http://kendennis-rss.homeip.net/
I love new technology. I am still ready to wait... Read More
Are you one of those people that keeps track of... Read More
Need software to record your voice, streaming audio or musical... Read More
Not all of us have the luxury of working both... Read More
If you use Microsoft Outlook (or similar applications) for e-mailing,... Read More
There are two approaches for application integration:? Programmer's approach ?... Read More
COMMAND LINE FUNCTIONA powerful command line script processor has been... Read More
Since its release in 1987, QuarkXpress had made an immediate... Read More
The intuitive algorithm.Roger Penrose considered it impossible. Thinking could never... Read More
Microsoft Retail Management (RMS) and Microsoft Great Plains are retail... Read More
We will base our prognosis on our Microsoft Business Solutions... Read More
Today's business world is fast-paced. No matter what it is... Read More
The COSMIC FP (function point) software quality metric, is no... Read More
Microsoft Business Solutions Great Plains is marketed for mid-size companies... Read More
Linux essentials:It's free for download but you have to pay... Read More
The vast majority of us will have, at some point,... Read More
Adware is a type of Spyware program that displays some... Read More
Anti-virus software is used to find, remove or fix files... Read More
Lotus Notes Domino is very efficient in electronic document workflow... Read More
A few months back I really got sick of my... Read More
I completed an experiment recently. I wanted to find out... Read More
ERP is the acronym of Enterprise Resource Planning. Multi-module ERP... Read More
MS CRM is very close to document workflow automation, including... Read More
Microsoft Business Solutions is emerging as very attractive vendor for... Read More
Microsoft Business Solutions Navision is main ERP application for European,... Read More
Des Moines rental limo ..Are you lost in the mess of documents that get... Read More
So, why should you use any O/R mapping tool? I... Read More
Today's business world is fast-paced. No matter what it is... Read More
What is 'adware'?Adware is basically software or scripts that are... Read More
Document Management or Enterprise Information Management is perhaps one of... Read More
Most people don't use Photoshop to its fullest capabilities. Here... Read More
This article is the fourth of a series of articles... Read More
In our small article we'll consider Microsoft Business Solutions Great... Read More
Microsoft Business Solutions Great Plains has substantial market share among... Read More
What is Groupware?Have you ever had to manage document collaboration... Read More
Finally, you have some time to personalize your desktop with... Read More
When you double-click a layer in the Layer Palette, you... Read More
Just when you thought you were Web savvy, one more... Read More
RSS (Really Simple Syndication) is a way for a site... Read More
Since technology changes so quickly, it is hard to begin... Read More
The most important benefit of XML is its simplicity. Though... Read More
If you copy something from a Web site or elsewhere...... Read More
In part III of this ISDN primer, we learned that... Read More
I have recently created my first Php program. I wanted... Read More
Microsoft Business Solutions Great Plains and MS CRM (client relation... Read More
Since Version 8.0 Microsoft Business Solutions Great Plains & Great... Read More
This is a short article, written in question/answer/FAQ style to... Read More
Once a business idea is selected, it is highly recommended... Read More
A LOT OF UNWANTED FILES.When you uninstall an item of... Read More
With thousands of web pages added to the Net every... Read More
Software |