Koozali.org: home of the SME Server
  1. Koozali.org: home of the SME Server
  2. Legacy Forums
  3. Suggestions
  4. Topic: tripwire
« previous next »
Pages: [1]   Go Down

tripwire

  • 1 Replies
  • 874 Views

Grub

tripwire
« on: December 31, 2001, 01:50:58 PM »
Tripwire is a tool that checks to see what has changed on your system. The program monitors key attributes of files that should not change, including binary signature, size, expected change of size, etc.

ref.

http://www.tripwire.org/
Logged

Sergio Korlowsky

Re: tripwire
« Reply #1 on: January 19, 2002, 01:23:20 AM »
So it does AIde:
---------------
description

AIDE (Advanced Intrusion Detection Environment) is a free replacement for
Tripwire. It does the same things as the semi-free Tripwire and more. There
are other free replacements available so why build a new one? All the other
replacements do not achieve the level of Tripwire. And I wanted a program that
would exceed the limitations of Tripwire. The idea is that for an intruder to
get in, certain files on the system must change - configuration files, for
example. And once an intruder is in, in order to do much useful, the intruder
must gain root access - something else that requires changing files. aide
ensures that you (root) can be notified of ANY changes to a configurable list
of properties (modification date, size, various hash-values) of a configurable
list files. Aide should be installed right after the OS installation, and
before you have connected your system to a network (i.e., before any
possibility exists that someone could alter files on your system).
Logged
Pages: [1]   Go Up
« previous next »
  1. Koozali.org: home of the SME Server
  2. Legacy Forums
  3. Suggestions
  4. Topic: tripwire