Who's Got Root? Find Out With Tripwire

Tuesday, 24 December 2002, 12:27 PM EST

Your network groans under the weight of monitors and alarms. Every packet, every bit is inspected, scrutinized, sanitized, and organized. Surely it is time to relax and take it easy. Except for one little nagging worry- if an intruder slides through all the barriers, past all the traps, and successfully cozies into a snug corner, how will you know?

Most security applications are reactive: they look for evidence of known exploits. Tripwire doesn't need a personal introduction to villains, it detects any suspicious changes. It creates a baseline snapshot of a system when it is in a known good state, then makes comparisons against this baseline. When files change that shouldn't, such as system binaries, or registry objects, Tripwire will tell you. If the changes are valid, the Tripwire database can be updated. If there is a problem, the ace admin will know exactly what was affected.

It is not meant to replace other security measures, or to be the sole security measure. It monitors the integrity of your perimeter watchdogs- 'watches the watchers'- a most useful ability, as firewalls and routers are prime targets of attack. It monitors the integrity of internal systems, detecting and reporting changes no matter where they originate, from the inside or outside. Other intrusion detectors typically search for signatures of known exploits, which is useful as long as only known exploits are used against you.

[ Read more ]




Spotlight

The role of the cloud in the modern security architecture

Posted on 31 July 2014.  |  Stephen Pao, General Manager, Security Business at Barracuda Networks, offers advice to CISOs concerned about moving the secure storage of their documents into the cloud and discusses how the cloud shaping the modern security architecture.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Fri, Aug 1st
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //