Difference between revisions of "Tripwire"
(Created page with "Tripwire is software used to monitor your system to detect server intrusions. Tripwire is security software known as a host-based intrusion detection system (HIDS). Tripwire...") |
|||
Line 6: | Line 6: | ||
While useful for detecting intrusions after the event, it can also serve many other purposes, such as integrity assurance, change management, and policy compliance. | While useful for detecting intrusions after the event, it can also serve many other purposes, such as integrity assurance, change management, and policy compliance. | ||
+ | |||
+ | == installation == | ||
+ | |||
+ | == configure == | ||
+ | |||
+ | == further customize == | ||
+ | |||
+ | == troubleshoot == | ||
+ | |||
+ | == resources == | ||
[[Category:Computer_Technology]] | [[Category:Computer_Technology]] | ||
[[Category:Linux]] | [[Category:Linux]] | ||
[[Category:Security]] | [[Category:Security]] |
Revision as of 11:00, 2 July 2015
Tripwire is software used to monitor your system to detect server intrusions. Tripwire is security software known as a host-based intrusion detection system (HIDS). Tripwire is Open Source under the GNU General Public License.
Rather than attempting to detect intrusions at the network interface level (as in network intrusion detection systems), Tripwire detects changes to file system objects.
When first initialized, Tripwire scans the file system as directed by the administrator and stores information on each file scanned in a database. At a later date the same files are scanned and the results compared against the stored values in the database. Changes are reported to the user. Cryptographic hashes are employed to detect changes in a file without storing the entire contents of the file in the database.
While useful for detecting intrusions after the event, it can also serve many other purposes, such as integrity assurance, change management, and policy compliance.