HOWTO Setup Tripwire

From Research
Revision as of 22:24, 25 August 2006 by Mmmark (talk | contribs)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search

Setting Up a Tripwire Installation

# emerge tripwire
# cd /etc/tripwire
# tripwire --init
# twadmin --create-polfile twpol.txt
# twadmin --create-polfile -S hostname-local.key twpol.txt

Generate a Report

# tripwire --check

File System Error Messages

To get rid of "File system error." messages where the file or folder does not exist, comment out the culprits from /etc/tripwire/twpol.txt Then, update the policy file and re-init the db: 

# twadmin --create-polfile -S /etc/tripwire/hostname-local.key /etc/tripwire/twpol.txt
# tripwire --init
# tripwire --check

After System Changes

After you emerge packages or change config files: 

# tripwire --update --twrfile /var/lib/tripwire/report/a_previous_integrity_report.twr
Retrieved from "https://research.iat.sfu.ca/research/index.php?title=HOWTO_Setup_Tripwire&oldid=3290"