Tripwire on your Fedora box
Tripwire is an Intrusion Detection System. This can be used to alert users whenever their system is compromised. Tripwire detects and reports changes in system files. It will alert you through email whenever a change is detected. If the change is due to normal system activity, you can instruct Tripwire not to report the change to that file in future. If the change is not due to normal system activity, then it is a clear indication that something is wrong and you need to act immediately and fix the issue. Thus tripwire comes very handy to maintain the integrity of the system.
There is lot of information on the web about Tripwire. Some people might argue that AIDE (Advanced Intrusion Detection Environment) is better than tripwire and so on. This comparison is beyond the scope of this article. This is an introductory article for novice users who are interested in installing Tripwire on their Fedora Box. Advanced users can refer to the web for relevant information or they can contact appropriate mailing lists.
By Krishnan Subramanian at Fedora News.
[ Read more ]
- Review: Intrusion Detection with SNORT: Advanced IDS Techniques Using SNORT, Apache, MySQL, PHP, and ACID (19 June 2003)
- Review: Network Intrusion Detection 3/e (24 January 2003)
- Article: Securing Linux (16 May 2002)
- Article: Tips on basic Linux server security (14 May 2002)
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.