380 lines
5.8 KiB
HTML
380 lines
5.8 KiB
HTML
<HTML
|
|
><HEAD
|
|
><TITLE
|
|
>Run Tripwire in Database Update Mode</TITLE
|
|
><META
|
|
NAME="GENERATOR"
|
|
CONTENT="Modular DocBook HTML Stylesheet Version 1.60"><LINK
|
|
REL="HOME"
|
|
TITLE="Securing and Optimizing Linux"
|
|
HREF="index.html"><LINK
|
|
REL="UP"
|
|
TITLE="Linux Tripwire ASR 1.3.1"
|
|
HREF="tripwireASR.html"><LINK
|
|
REL="PREVIOUS"
|
|
TITLE="Tripwire in Interactive Checking Mode"
|
|
HREF="chap18sec148.html"><LINK
|
|
REL="NEXT"
|
|
TITLE="Software -Securities/Management & Limitation"
|
|
HREF="soft-limits.html"></HEAD
|
|
><BODY
|
|
CLASS="section"
|
|
BGCOLOR="#FFFFFF"
|
|
TEXT="#000000"
|
|
LINK="#0000FF"
|
|
VLINK="#840084"
|
|
ALINK="#0000FF"
|
|
><DIV
|
|
CLASS="NAVHEADER"
|
|
><TABLE
|
|
WIDTH="100%"
|
|
BORDER="0"
|
|
CELLPADDING="0"
|
|
CELLSPACING="0"
|
|
><TR
|
|
><TH
|
|
COLSPAN="3"
|
|
ALIGN="center"
|
|
>Securing and Optimizing Linux: RedHat Edition -A Hands on Guide</TH
|
|
></TR
|
|
><TR
|
|
><TD
|
|
WIDTH="10%"
|
|
ALIGN="left"
|
|
VALIGN="bottom"
|
|
><A
|
|
HREF="chap18sec148.html"
|
|
>Prev</A
|
|
></TD
|
|
><TD
|
|
WIDTH="80%"
|
|
ALIGN="center"
|
|
VALIGN="bottom"
|
|
>Chapter 18. Linux Tripwire ASR 1.3.1</TD
|
|
><TD
|
|
WIDTH="10%"
|
|
ALIGN="right"
|
|
VALIGN="bottom"
|
|
><A
|
|
HREF="soft-limits.html"
|
|
>Next</A
|
|
></TD
|
|
></TR
|
|
></TABLE
|
|
><HR
|
|
ALIGN="LEFT"
|
|
WIDTH="100%"></DIV
|
|
><DIV
|
|
CLASS="section"
|
|
><H1
|
|
CLASS="section"
|
|
><A
|
|
NAME="pr6ch4sc5trp"
|
|
>18.6. Run Tripwire in <I
|
|
CLASS="wordasword"
|
|
>Database Update Mode</I
|
|
></A
|
|
></H1
|
|
><P
|
|
> Running Tripwire in <I
|
|
CLASS="wordasword"
|
|
>Database Update Mode</I
|
|
> mixed with the <TT
|
|
CLASS="filename"
|
|
>tripwire.verify</TT
|
|
> script file that mails the results to the system administrator, will reduce the time of
|
|
scanning the system. Instead of running Tripwire in <I
|
|
CLASS="wordasword"
|
|
>Interactive Checking Mode</I
|
|
> and waiting for the long scan to finish, the script file <TT
|
|
CLASS="filename"
|
|
>tripwire.verify</TT
|
|
> will scan
|
|
the system and report via mail the result, then you run Tripwire in <I
|
|
CLASS="wordasword"
|
|
>Database Update Mode</I
|
|
> and update only single files or directories that has changed.
|
|
</P
|
|
><DIV
|
|
CLASS="example"
|
|
><A
|
|
NAME="AEN9929"
|
|
></A
|
|
><P
|
|
><B
|
|
>Example 18-1. Usage of Tripwire</B
|
|
></P
|
|
><P
|
|
> If a single file has changed, you can:
|
|
<TABLE
|
|
BORDER="0"
|
|
BGCOLOR="#E0E0E0"
|
|
WIDTH="100%"
|
|
><TR
|
|
><TD
|
|
><PRE
|
|
CLASS="screen"
|
|
> [root@deep] /# <B
|
|
CLASS="command"
|
|
>tripwire</B
|
|
> -update /etc/newly.installed.file
|
|
</PRE
|
|
></TD
|
|
></TR
|
|
></TABLE
|
|
>
|
|
</P
|
|
><P
|
|
> Or, if an entire set of files or directories has changed, you can run:
|
|
<TABLE
|
|
BORDER="0"
|
|
BGCOLOR="#E0E0E0"
|
|
WIDTH="100%"
|
|
><TR
|
|
><TD
|
|
><PRE
|
|
CLASS="screen"
|
|
> [root@deep] /# <B
|
|
CLASS="command"
|
|
>tripwire</B
|
|
> -update /usr/lib/Package_Dir
|
|
</PRE
|
|
></TD
|
|
></TR
|
|
></TABLE
|
|
>
|
|
|
|
In either case, Tripwire regenerates the database entries for every specified file. A backup of the old database is created in the <TT
|
|
CLASS="filename"
|
|
>./databases</TT
|
|
> directory.
|
|
</P
|
|
></DIV
|
|
><P
|
|
> These are Some possible uses of Tripwire software
|
|
<P
|
|
></P
|
|
><OL
|
|
TYPE="1"
|
|
><LI
|
|
><P
|
|
> Check the integrity of your files system.
|
|
</P
|
|
></LI
|
|
><LI
|
|
><P
|
|
> Get a list of new installed or removed files on your system.
|
|
</P
|
|
></LI
|
|
></OL
|
|
>
|
|
</P
|
|
><DIV
|
|
CLASS="section"
|
|
><H2
|
|
CLASS="section"
|
|
><A
|
|
NAME="pr6ch4sc51tri"
|
|
>18.6.1. Installed Files</A
|
|
></H2
|
|
><P
|
|
>
|
|
These are the files Installed by the software TripWire ASR on your system:
|
|
<P
|
|
></P
|
|
><TABLE
|
|
BORDER="0"
|
|
><TBODY
|
|
><TR
|
|
><TD
|
|
><TT
|
|
CLASS="filename"
|
|
> /etc/cron.daily/tripwire.verify
|
|
</TT
|
|
></TD
|
|
></TR
|
|
><TR
|
|
><TD
|
|
><TT
|
|
CLASS="filename"
|
|
> /etc/tw.config
|
|
</TT
|
|
></TD
|
|
></TR
|
|
><TR
|
|
><TD
|
|
><TT
|
|
CLASS="filename"
|
|
> /usr/man/man5/tw.config.5
|
|
</TT
|
|
></TD
|
|
></TR
|
|
><TR
|
|
><TD
|
|
><TT
|
|
CLASS="filename"
|
|
> /usr/man/man8/siggen.8
|
|
</TT
|
|
></TD
|
|
></TR
|
|
><TR
|
|
><TD
|
|
><TT
|
|
CLASS="filename"
|
|
> /usr/man/man8/tripwire.8
|
|
</TT
|
|
></TD
|
|
></TR
|
|
><TR
|
|
><TD
|
|
><TT
|
|
CLASS="filename"
|
|
> /usr/sbin/tripwire
|
|
</TT
|
|
></TD
|
|
></TR
|
|
><TR
|
|
><TD
|
|
><TT
|
|
CLASS="filename"
|
|
> /usr/sbin/siggen
|
|
</TT
|
|
></TD
|
|
></TR
|
|
><TR
|
|
><TD
|
|
><TT
|
|
CLASS="filename"
|
|
> /var/spool/tripwire
|
|
</TT
|
|
></TD
|
|
></TR
|
|
><TR
|
|
><TD
|
|
><TT
|
|
CLASS="filename"
|
|
> /var/spool/tripwire/tw.db_TEST
|
|
</TT
|
|
></TD
|
|
></TR
|
|
></TBODY
|
|
></TABLE
|
|
><P
|
|
></P
|
|
>
|
|
</P
|
|
><DIV
|
|
CLASS="section"
|
|
><H3
|
|
CLASS="section"
|
|
><A
|
|
NAME="pr6ch4sc52tri"
|
|
>18.6.1.1. Alternatives to Tripwire</A
|
|
></H3
|
|
><P
|
|
> These are some of the alternatives to Tripwire:
|
|
<P
|
|
></P
|
|
><DIV
|
|
CLASS="variablelist"
|
|
><DL
|
|
><DT
|
|
>ViperDB</DT
|
|
><DD
|
|
><P
|
|
> ViperDB Homepage: <A
|
|
HREF="appendixa.html#prtinxfp17"
|
|
>http://www.resentment.org/projects/viperdb/</A
|
|
>
|
|
</P
|
|
></DD
|
|
><DT
|
|
>FCHECK</DT
|
|
><DD
|
|
><P
|
|
> FCHECK Homepage:<A
|
|
HREF="appendixa.html#prtinxfp17"
|
|
>http://sites.netscape.net/fcheck/fcheck.html</A
|
|
>
|
|
</P
|
|
></DD
|
|
><DT
|
|
>Sentinel</DT
|
|
><DD
|
|
><P
|
|
> Sentinel Homepage:<A
|
|
HREF="appendixa.html#prtinxfp17"
|
|
>http://zurk.netpedia.net/zfile.html</A
|
|
>
|
|
</P
|
|
></DD
|
|
></DL
|
|
></DIV
|
|
>
|
|
</P
|
|
></DIV
|
|
></DIV
|
|
></DIV
|
|
><DIV
|
|
CLASS="NAVFOOTER"
|
|
><HR
|
|
ALIGN="LEFT"
|
|
WIDTH="100%"><TABLE
|
|
WIDTH="100%"
|
|
BORDER="0"
|
|
CELLPADDING="0"
|
|
CELLSPACING="0"
|
|
><TR
|
|
><TD
|
|
WIDTH="33%"
|
|
ALIGN="left"
|
|
VALIGN="top"
|
|
><A
|
|
HREF="chap18sec148.html"
|
|
>Prev</A
|
|
></TD
|
|
><TD
|
|
WIDTH="34%"
|
|
ALIGN="center"
|
|
VALIGN="top"
|
|
><A
|
|
HREF="index.html"
|
|
>Home</A
|
|
></TD
|
|
><TD
|
|
WIDTH="33%"
|
|
ALIGN="right"
|
|
VALIGN="top"
|
|
><A
|
|
HREF="soft-limits.html"
|
|
>Next</A
|
|
></TD
|
|
></TR
|
|
><TR
|
|
><TD
|
|
WIDTH="33%"
|
|
ALIGN="left"
|
|
VALIGN="top"
|
|
>Tripwire in <TT
|
|
CLASS="literal"
|
|
>Interactive Checking Mode</TT
|
|
></TD
|
|
><TD
|
|
WIDTH="34%"
|
|
ALIGN="center"
|
|
VALIGN="top"
|
|
><A
|
|
HREF="tripwireASR.html"
|
|
>Up</A
|
|
></TD
|
|
><TD
|
|
WIDTH="33%"
|
|
ALIGN="right"
|
|
VALIGN="top"
|
|
>Software -Securities/Management & Limitation</TD
|
|
></TR
|
|
></TABLE
|
|
></DIV
|
|
></BODY
|
|
></HTML
|
|
> |