Who's Got Root? Find Out With Tripwire

Tuesday, 24 December 2002, 12:27 PM EST

Your network groans under the weight of monitors and alarms. Every packet, every bit is inspected, scrutinized, sanitized, and organized. Surely it is time to relax and take it easy. Except for one little nagging worry- if an intruder slides through all the barriers, past all the traps, and successfully cozies into a snug corner, how will you know?

Most security applications are reactive: they look for evidence of known exploits. Tripwire doesn't need a personal introduction to villains, it detects any suspicious changes. It creates a baseline snapshot of a system when it is in a known good state, then makes comparisons against this baseline. When files change that shouldn't, such as system binaries, or registry objects, Tripwire will tell you. If the changes are valid, the Tripwire database can be updated. If there is a problem, the ace admin will know exactly what was affected.

It is not meant to replace other security measures, or to be the sole security measure. It monitors the integrity of your perimeter watchdogs- 'watches the watchers'- a most useful ability, as firewalls and routers are prime targets of attack. It monitors the integrity of internal systems, detecting and reporting changes no matter where they originate, from the inside or outside. Other intrusion detectors typically search for signatures of known exploits, which is useful as long as only known exploits are used against you.

[ Read more ]




Spotlight

DMARC: The time is right for email authentication

Posted on 23 January 2015.  |  The DMARC specification has emerged in the last couple years to pull together all the threads of email authentication technology under one roof—to standardize the method in which email is authenticated, and the manner in which reporting and policy enforcement is implemented.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  
DON'T
MISS

Mon, Jan 26th
    COPYRIGHT 1998-2015 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //