LDP
/
old-www
1
1
Fork 0
Code Issues Pull Requests Releases Wiki Activity
old-www/LDP/solrhe/Securing-Optimizing-Linux-R.../chap18sec149.html

380 lines
5.8 KiB
HTML
Raw Permalink Blame History

<HTML
><HEAD
><TITLE
>Run Tripwire in Database Update Mode</TITLE
><META
NAME="GENERATOR"
CONTENT="Modular DocBook HTML Stylesheet Version 1.60"><LINK
REL="HOME"
TITLE="Securing and Optimizing Linux"
HREF="index.html"><LINK
REL="UP"
TITLE="Linux Tripwire ASR 1.3.1"
HREF="tripwireASR.html"><LINK
REL="PREVIOUS"
TITLE="Tripwire in Interactive Checking Mode"
HREF="chap18sec148.html"><LINK
REL="NEXT"
TITLE="Software -Securities/Management & Limitation"
HREF="soft-limits.html"></HEAD
><BODY
CLASS="section"
BGCOLOR="#FFFFFF"
TEXT="#000000"
LINK="#0000FF"
VLINK="#840084"
ALINK="#0000FF"
><DIV
CLASS="NAVHEADER"
><TABLE
WIDTH="100%"
BORDER="0"
CELLPADDING="0"
CELLSPACING="0"
><TR
><TH
COLSPAN="3"
ALIGN="center"
>Securing and Optimizing Linux: RedHat Edition -A Hands on Guide</TH
></TR
><TR
><TD
WIDTH="10%"
ALIGN="left"
VALIGN="bottom"
><A
HREF="chap18sec148.html"
>Prev</A
></TD
><TD
WIDTH="80%"
ALIGN="center"
VALIGN="bottom"
>Chapter 18. Linux Tripwire ASR 1.3.1</TD
><TD
WIDTH="10%"
ALIGN="right"
VALIGN="bottom"
><A
HREF="soft-limits.html"
>Next</A
></TD
></TR
></TABLE
><HR
ALIGN="LEFT"
WIDTH="100%"></DIV
><DIV
CLASS="section"
><H1
CLASS="section"
><A
NAME="pr6ch4sc5trp"
>18.6. Run Tripwire in <I
CLASS="wordasword"
>Database Update Mode</I
></A
></H1
><P
>&#13; Running Tripwire in <I
CLASS="wordasword"
>Database Update Mode</I
> mixed with the <TT
CLASS="filename"
>tripwire.verify</TT
> script file that mails the results to the system administrator, will reduce the time of
scanning the system. Instead of running Tripwire in <I
CLASS="wordasword"
>Interactive Checking Mode</I
> and waiting for the long scan to finish, the script file <TT
CLASS="filename"
>tripwire.verify</TT
> will scan
the system and report via mail the result, then you run Tripwire in <I
CLASS="wordasword"
>Database Update Mode</I
> and update only single files or directories that has changed.
</P
><DIV
CLASS="example"
><A
NAME="AEN9929"
></A
><P
><B
>Example 18-1. Usage of Tripwire</B
></P
><P
>&#13; If a single file has changed, you can:
<TABLE
BORDER="0"
BGCOLOR="#E0E0E0"
WIDTH="100%"
><TR
><TD
><PRE
CLASS="screen"
>&#13; [root@deep] /# <B
CLASS="command"
>tripwire</B
> -update /etc/newly.installed.file
</PRE
></TD
></TR
></TABLE
>
</P
><P
>&#13; Or, if an entire set of files or directories has changed, you can run:
<TABLE
BORDER="0"
BGCOLOR="#E0E0E0"
WIDTH="100%"
><TR
><TD
><PRE
CLASS="screen"
>&#13; [root@deep] /# <B
CLASS="command"
>tripwire</B
> -update /usr/lib/Package_Dir
</PRE
></TD
></TR
></TABLE
>
In either case, Tripwire regenerates the database entries for every specified file. A backup of the old database is created in the <TT
CLASS="filename"
>./databases</TT
> directory.
</P
></DIV
><P
>&#13; These are Some possible uses of Tripwire software
<P
></P
><OL
TYPE="1"
><LI
><P
>&#13; Check the integrity of your files system.
</P
></LI
><LI
><P
>&#13; Get a list of new installed or removed files on your system.
</P
></LI
></OL
>
</P
><DIV
CLASS="section"
><H2
CLASS="section"
><A
NAME="pr6ch4sc51tri"
>18.6.1. Installed Files</A
></H2
><P
>&#13;
These are the files Installed by the software TripWire ASR on your system:
<P
></P
><TABLE
BORDER="0"
><TBODY
><TR
><TD
><TT
CLASS="filename"
>&#13; /etc/cron.daily/tripwire.verify
</TT
></TD
></TR
><TR
><TD
><TT
CLASS="filename"
>&#13; /etc/tw.config
</TT
></TD
></TR
><TR
><TD
><TT
CLASS="filename"
>&#13; /usr/man/man5/tw.config.5
</TT
></TD
></TR
><TR
><TD
><TT
CLASS="filename"
>&#13; /usr/man/man8/siggen.8
</TT
></TD
></TR
><TR
><TD
><TT
CLASS="filename"
>&#13; /usr/man/man8/tripwire.8
</TT
></TD
></TR
><TR
><TD
><TT
CLASS="filename"
>&#13; /usr/sbin/tripwire
</TT
></TD
></TR
><TR
><TD
><TT
CLASS="filename"
>&#13; /usr/sbin/siggen
</TT
></TD
></TR
><TR
><TD
><TT
CLASS="filename"
>&#13; /var/spool/tripwire
</TT
></TD
></TR
><TR
><TD
><TT
CLASS="filename"
>&#13; /var/spool/tripwire/tw.db_TEST
</TT
></TD
></TR
></TBODY
></TABLE
><P
></P
>
</P
><DIV
CLASS="section"
><H3
CLASS="section"
><A
NAME="pr6ch4sc52tri"
>18.6.1.1. Alternatives to Tripwire</A
></H3
><P
>&#13; These are some of the alternatives to Tripwire:
<P
></P
><DIV
CLASS="variablelist"
><DL
><DT
>ViperDB</DT
><DD
><P
>&#13; ViperDB Homepage: <A
HREF="appendixa.html#prtinxfp17"
>http://www.resentment.org/projects/viperdb/</A
>
</P
></DD
><DT
>FCHECK</DT
><DD
><P
>&#13; FCHECK Homepage:<A
HREF="appendixa.html#prtinxfp17"
>http://sites.netscape.net/fcheck/fcheck.html</A
>
</P
></DD
><DT
>Sentinel</DT
><DD
><P
>&#13; Sentinel Homepage:<A
HREF="appendixa.html#prtinxfp17"
>http://zurk.netpedia.net/zfile.html</A
>
</P
></DD
></DL
></DIV
>
</P
></DIV
></DIV
></DIV
><DIV
CLASS="NAVFOOTER"
><HR
ALIGN="LEFT"
WIDTH="100%"><TABLE
WIDTH="100%"
BORDER="0"
CELLPADDING="0"
CELLSPACING="0"
><TR
><TD
WIDTH="33%"
ALIGN="left"
VALIGN="top"
><A
HREF="chap18sec148.html"
>Prev</A
></TD
><TD
WIDTH="34%"
ALIGN="center"
VALIGN="top"
><A
HREF="index.html"
>Home</A
></TD
><TD
WIDTH="33%"
ALIGN="right"
VALIGN="top"
><A
HREF="soft-limits.html"
>Next</A
></TD
></TR
><TR
><TD
WIDTH="33%"
ALIGN="left"
VALIGN="top"
>Tripwire in <TT
CLASS="literal"
>Interactive Checking Mode</TT
></TD
><TD
WIDTH="34%"
ALIGN="center"
VALIGN="top"
><A
HREF="tripwireASR.html"
>Up</A
></TD
><TD
WIDTH="33%"
ALIGN="right"
VALIGN="top"
>Software -Securities/Management &#38; Limitation</TD
></TR
></TABLE
></DIV
></BODY
></HTML
>
Reference in New Issue View Git Blame Copy Permalink