What is Tripwire?
Tripwire is a form of intrusion detection system (IDS) that helps you keep tabs on the integrity of the files on your computer. Quite simply, it will help identify files added to or modified on your system in the event someone has compromised it.
How does Tripwire work?
Tripwire works on a pretty easy to understand concept. Basically, when you install Tripwire on your Linux box you tell it to scan your system and create a database of checksums and information. Once you have a good reference point or database set up, you then scan your system on a regular basis for modifications to your file system.
Why would I want to run file system integrity software?
If you have ever had your system compromised by a cracker, it's an extremely frustrating time. You never know what they have done, where they have been, or what files they have modified or installed. This type of application helps in the recovery process. Quite often crackers will install a group of applications on your system called a rootkit. A rootkit overwrites many of your commonly used system files to help hide the tracks of the cracker, or to leave a backdoor on your system so they can return at a later date. Often the files modified are ones such as ps and netstat. By installing their own versions of applications like these, they can hide the fact that there are additional daemons and processes running in the background.
How do I put Tripwire to practical use?
Tripwire can be configured to send you e-mails at a set time interval via Sendmail or SMTP. On small systems it wouldn't be unreasonable to have your system checked several times a day and have Tripwire e-mail you the results. If you don't want the results e-mailed you can store the information in a file for later review. I believe it is a handy tool to have the logs e-mailed to you, so a problem can be quickly identified.
Though Tripwire won't protect you from hackers, it will help you identify the extent to which your system has been compromised and, if scans are run at regular intervals, should help you reduce the amount of time for which your system has been compromised. If your system has been broken into, then the best thing to do is isolate the machine from the network, rebuild it from known good backups, and try to determine the method of entry.
Ken Dennis
http://kendennis-rss.homeip.net/