HomePage » Security » SecurityIDS » TripWire


Tripwire quick start guide


Install using yum
yum install tripwire


Generate site key
twadmin -m G -S /etc/tripwire/site.key


Generate local key
twadmin -m G -L /etc/tripwire/ism.comme.ca-local.key


Generate config and policy file, using the shipped templates. Customize scanning targets by editing the shipped policy file.
twadmin --create-cfgfile --cfgfile /etc/tripwire/tw.cfg --site-keyfile /etc/tripwire/site.key /etc/tripwire/twcfg.txt
twadmin --create-polfile --polfile /etc/tripwire/tw.pol --site-keyfile /etc/tripwire/site.key /etc/tripwire/twpol.txt


Initialize database
tripwire --init


Send a test mail
tripwire --test --email you@domain.com


Run check (write to local report file or email it). If you use the email option, you need to add a mailto= directive to every rule inside the policy file.
tripwire --check --twrfile /var/lib/report/myreport.twr
tripwire --check --email-report


Export report file to text
twprint --print-report --twrfile /var/lib/report/report.twr


Finally update the database using a report or interactively
tripwire --update --twrfile /var/lib/report/report.twr
tripwire --check --interactive

There are no comments on this page. [Add comment]

Valid XHTML 1.0 Transitional :: Valid CSS :: Powered by WikkaWiki