Tripwire

From aoxoaWiki
Jump to: navigation, search

PAGE CURRENTLY UNDER DEVELOPMENT

Tripwire is software that monitors changes to files - specifically system files. It is used to alert the sysadmin that something changes a system file; it is then up to the sysadmin to determine if that was a legitimate change, or signs of system intrusion.

Below are some instructions for building and running the utility.

At present, I am only installing this package on my OpenSuSE box....

Add the Security Repository

Tripwire is found (only) in the Security repository. Use the command below to list the currently configured repositories:

  zypper repos

If the Security repository is not included, add it with the command:

  zypper addrepo -f http://download.opensuse.org/repositories/security/openSUSE_13.1/ security

Download and Install the Tripwire Package

  zypper install tripwire

Configuring Tripwire

PAGE CURRENTLY UNDER DEVELOPMENT


Online Resources

Linux Magazine - Detecting Attackers with Tripwire


Back to Main Page