What is Tripwire?
Tripwire is a form intrusion detection system (IDS) that helps you keep tabs on the integrity of the files on your computer. Quite simply it will help identify files or modifications made to your system in the event someone compromised your system.
How does Tripwire work?
Tripwire works on a pretty easy to understand concept. Basically, when you install Tripwire on your linux box you tell it to scan your system and create a database of checksums and information. Once you have a good reference point or database setup, you then scan your system on a regular basis for modifications to your file system.
Why would I want run a file system integrity software?
If you have ever had your system compromised by a cracker, it's an extremely frustrating time. You never know what they have done, where they have been, or what files they have modified or installed. This type of application helps in the recovery process. Quite often crackers will installed a group of applications on your system called a rootkit. A rootkit overwrites many of your commonly used system files to help hide the tracks of the cracker, or leave a backdoor on your system so he can return at a later date. Often the types of files modified are ones such as ps and netstat. By installing their own version of applications like these they can hide the fact there is additional daemons and processes running the background.
How do I put Tripwire to practical use?
Tripwire can be configured to send you e-mails at a set time interval via Sendmail or SMTP. On small systems it wouldn't be unreasonable to have your system checked several times a day and have Tripwire e-mail you the results. If you don't want the results e-mailed you can store the information in a file for later review. I believe it is a handy tool to have the logs e-mailed to you, so a problem can be quickly identified.
Thought Tripwire won't protect you from hackers, it will help you identify the level of which your system has been compromised and if scanned at regular time intervals should help you reduce the amount of time for which your system has been compromised. If your system has been broken in to, then the best thing to do is isolate the machine from the network and rebuilt it from know good backups and try to determine the method of entry.
Ken Dennis
http://kendennis-rss.homeip.net/
TCO (Total Cost Ownership) is the buzzword in... Read More
Microsoft bought Navision, Denmark based software development company, along with... Read More
Microsoft Business Solutions Great Plains, former Great Plains Software Dynamics... Read More
Microsoft Business Solutions Great Plains is very popular ERP/MRP applications... Read More
Microsoft Business Solutions Great Plains has full-featured manufacturing set of... Read More
In this small article we will show you the possible... Read More
Case study: A secretary using Corel WordPerfect 7 is often... Read More
I have always had a tendency to focus on the... Read More
What is 'adware'?Adware is basically software or scripts that are... Read More
Microsoft Retail Management (RMS) and Microsoft Great Plains are retail... Read More
MS CRM is very close to document workflow automation, including... Read More
Siebel is traditional CRM market leader, however and mostly due... Read More
Microsoft Great Plains is one of three Microsoft Business Solutions... Read More
In today's business world it's all but impossible to escape... Read More
Microsoft Business Solutions Great Plains was purchased from Great Plains... Read More
The Windows registry is a huge database that ensures normal... Read More
Microsoft Business Solutions Great Plains is marketed for mid-size companies... Read More
Healthcare facilities such as clinics, hospitals, and biomedical laboratories can... Read More
Microsoft Outlook is one of the most widely used software... Read More
Microsoft bought Navision, Denmark based software development company, along with... Read More
This article is the third of a series of articles... Read More
Mapping Software Improves Data VisualizationFrom the outset, it is important... Read More
What is Spyware?Spyware monitors your surfing habits and sends the... Read More
Whether you are a small consultancy firm, a medium sized... Read More
Document Management or Enterprise Information Management is perhaps one of... Read More
house cleaning company Bannockburn ..Rapid Application Development (RAD) is a software development methodology. In... Read More
Microsoft Great Plains, former Great Plains Software Dynamics / eEnterprise... Read More
Microsoft Great Plains serves majority of US based horizontal and... Read More
Are you ready? SQL Server 2005, the next-generation data management... Read More
Fleet Maintenance Management is a critical position in any company... Read More
In this small article we will be looking at the... Read More
Sticky Noteshttp://www.deprice.com/stickynote.htmWith StickyNote 9.0, you can create beautiful 3D notes... Read More
Microsoft Business Solutions ? Navision is an integrated solution for... Read More
Innovative Maintenance Systems (IMS) is one company that offers solutions... Read More
Enabling Chinese input is quick and easy, there are only... Read More
Spyware is like the new technological nuclear weapon on the... Read More
Beginning with Domino version R4 it has integration with the... Read More
Microsoft Business Solutions Great Plains is marketed for mid-size companies... Read More
Manufacturing in the USA is far away down from mid... Read More
It's not very often I get excited about a software... Read More
... Read More
Adware is a type of Spyware program that displays some... Read More
The research in the field of Natural Language Processing usually... Read More
In the new era of internet marketing the problem of... Read More
Microsoft Retail Management (RMS) and Microsoft Great Plains are retail... Read More
Table of Contents1) Introduction 2) Related Work 3) Framework 4)... Read More
As we could imagine, if you are reading this article... Read More
In order to implement VLANs in a network environment, you'll... Read More
Many Webmasters have never bothered to view their website's server... Read More
Since technology changes so quickly, it is hard to begin... Read More
Software |