156
Chapter 11. Tripwire
/etc/tripwire/tw.pol
The active Tripwire policy file is an encrypted file containing comments, rules, directives, and
variables. This file dictates the way Tripwire checks your system. Each rule in the policy file
specifies a system object to be monitored. Rules also describe which changes to the object to
report and which to ignore.
System objects are the files and directories you wish to monitor. Each object is identified by
an object name. A property refers to a single characteristic of an object that Tripwire software
can monitor. Directives control conditional processing of sets of rules in a policy file. During
installation, the sample text policy file ,
/etc/tripwire/twpol.txt
, is used to generate the
active Tripwire policy file.
After running the the installation script, the system administrator can update the Tripwire policy
file by editing
/etc/tripwire/twpol.txt
and regenerating a signed copy of the
tw.pol
file
using the
twadmin
command. See Section 11.8 for more information on how to do this.
/var/lib/tripwire/host_name.twd
When first initialized, Tripwire uses the signed policy file rules to create this database file. The
Tripwire database is a baseline snapshot of the system in a known secure state. Tripwire com 
pares this baseline against the current system to determine what changes have occurred. This
comparison is called an integrity check.
/var/lib/tripwire/report/host_name date_of_report time_of_report.twr
When you perform an integrity
check,
Tripwire produces report
files in the
/var/lib/tripwire/report/
directory. The report files summarize any file changes that
violated the policy file rules during the integrity check. Tripwire reports are named using the
following convention:
host_name date_of_report time_of_report.twr
. These reports
detail the differences between the Tripwire database and your actual system files.
11.11. Additional Resources
Tripwire can do more than what is covered in this chapter. Refer to these additional sources for more
information about Tripwire.
11.11.1. Installed Documentation
  /usr/share/doc/tripwire  version number
  An excellent starting point for learning
T
U
about how to customize the configuration and policy files in the
/etc/tripwire/
directory.
Also, refer to the man pages for
tripwire
,
twadmin
and
twprint
for help using those utilities.
11.11.2. Useful Websites
http://www.tripwire.org   The home of the Tripwire Open Source Project, where you can find the
latest news on the application, including a helpful FAQ.
http://sourceforge.net/project/showfiles.php?group_id=3130   This links to the latest official doc 
umentation from the Tripwire project.






footer




 

 

 

 

 Home | About Us | Network | Services | Support | FAQ | Control Panel | Order Online | Sitemap | Contact

tomcat hosting

 

Our partners: PHP: Hypertext Preprocessor Best Web Hosting Java Web Hosting Inexpensive Web Hosting  Jsp Web Hosting

Cheapest Web Hosting Jsp Hosting Cheap Hosting

Visionwebhosting.net Business web hosting division of Web Design Plus. All rights reserved