Tripwire for Linux File Integrity

What is Tripwire?

Tripwire is a form intrusion detection system (IDS) that helps you keep tabs on the integrity of the files on your computer. Quite simply it will help identify files or modifications made to your system in the event someone compromised your system.

How does Tripwire work?

Tripwire works on a pretty easy to understand concept. Basically, when you install Tripwire on your linux box you tell it to scan your system and create a database of checksums and information. Once you have a good reference point or database setup, you then scan your system on a regular basis for modifications to your file system.

Why would I want run a file system integrity software?

If you have ever had your system compromised by a cracker, it's an extremely frustrating time. You never know what they have done, where they have been, or what files they have modified or installed. This type of application helps in the recovery process. Quite often crackers will installed a group of applications on your system called a rootkit. A rootkit overwrites many of your commonly used system files to help hide the tracks of the cracker, or leave a backdoor on your system so he can return at a later date. Often the types of files modified are ones such as ps and netstat. By installing their own version of applications like these they can hide the fact there is additional daemons and processes running the background.

How do I put Tripwire to practical use?

Tripwire can be configured to send you e-mails at a set time interval via Sendmail or SMTP. On small systems it wouldn't be unreasonable to have your system checked several times a day and have Tripwire e-mail you the results. If you don't want the results e-mailed you can store the information in a file for later review. I believe it is a handy tool to have the logs e-mailed to you, so a problem can be quickly identified.

Thought Tripwire won't protect you from hackers, it will help you identify the level of which your system has been compromised and if scanned at regular time intervals should help you reduce the amount of time for which your system has been compromised. If your system has been broken in to, then the best thing to do is isolate the machine from the network and rebuilt it from know good backups and try to determine the method of entry.

Ken Dennis
http://KenDennis-RSS.homeip.net/

Business Wire (press release)

Elliott Terminates Tender Offer to Acquire Epicor Software Corporation MarketWatch - Nov 21, 2008 ... LP and Elliott International, LP (collectively, "Elliott" or "we"), a major shareholder of Epicor Software Corporation (the "Company" or "Epicor"), ... Epicor drops after hedge fund ends hostile bid Forbes Hedge Fund Elliott Associates Withdraws Offer for Epicor Software Orange County Business Journal UPDATE 1-Hedge Fund ends offer for Epicor Reuters RTT News - Barron's Blogs all 45 news articles

New York Times

The best thing about the 2.2 iPhone software update CNET News, CA - Nov 21, 2008 When it some to iPhone software updates, I'm all about the basics. Apple could enable the iPhone to cook my dinner every night, but if it added multimedia ... First Look: Apple's iPhone 2.2 Software Hits The Street (And ... CRN Lots to like about new iPhone 2.2 software update Ars Technica Apple releases iPhone Software v2.2 Apple Insider G4 TV - infoSync World all 144 news articles

Canada.com

Microsoft to offer free security software to attract beginners eTaiwan News, Taiwan - Nov 21, 2008 19 to stop selling personal computer security software and to use free personal anti-virus software instead. The new software called Morro can support seven ... Microsoft: New software not Symantec, McAfee rival Reuters Microsoft Plans to Introduce Free PC Security Software Wall Street Journal Spamhaus: Microsoft Now 5th Most Spam Friendly ISP Washington Post NetworkWorld.com - Bizjournals.com all 304 news articles

Vertical Releases Feature-Rich Software Update for Wave MarketWatch - 19 hours ago ... today announced the release of the Wave 1.5 software upgrade to it's award winning Wave IP 2500(TM) Business Communications Solution, the industry's ...

Hann’s On Software bouht by Mediware Bizjournals.com, NC - Nov 21, 2008 Mediware Information Systems Inc. has bought the assets of Hann’s On Software, a pharmacy-management software provider based in Santa Rosa, for $3.5 million ... Mediware Acquisition Adds 320 Pharmacy Facilities MarketWatch Mediware Information buys assets of Hann's On Software - Quick Facts RTT News Mediware Acquisition Adds 320 Pharmacy Facilities International Business Times all 19 news articles

AVG Sees Uphill Battle for Microsoft in Its Launch of Free Anti ... MarketWatch - Nov 21, 2008 AVG, which for eight years has offered free anti-virus software to users worldwide, noted the multiple challenges Microsoft faces in supporting a free ... AVG sees 'uphill battle' for Microsoft Morro TechRadar UK Microsoft Announces Upcoming Events for the Financial Community NewsBlaze Microsoft Announces Upcoming Events for the Financial Community MarketWatch all 30 news articles

Microsoft’s Mike Neil Keynotes at SYS-CON's 4th International ... SYS-CON Media, NJ - 18 hours ago ... Black Duck Software, Blackbaud, Blade Network Technologies, Blue Coat, Blue Lane, BlueArc, BlueNote Networks, BluePheonix Solutions, BMC Software, ... Teaching Everyone to Speak Big Blue New York Times IBM To Acquire Virtualization Specialist Transitive InformationWeek IBM To Buy Virtualization-Software Company Transitive NewsFactor Network eWeek - SearchDataCenter.com all 95 news articles

Frankly speaking, speech software better but still not great Seattle Times, United States - 11 hours ago Getting a computer to turn your speech into words on the screen requires buying expensive, resource-intensive software and mastering a sometimes confusing ...

Authoria Appoints New President and CEO MarketWatch - Nov 21, 2008 Prior to joining Authoria, Mr. McDevitt was most recently Chief Operating Officer of CDC Software, a $360 million division of CDC Corporation and a global ...

Microsoft purges phony security software from 1 million PCs Computerworld, MA - 22 hours ago Windows users have been plagued with a flood of worthless security software in recent months as criminals have discovered that they're money-makers. ...