Tripwire: Difference between revisions

From James's Wiki
No edit summary
No edit summary
Line 24: Line 24:
to update changes to your system the easy way:
to update changes to your system the easy way:
  sudo tripwire -m c -I
  sudo tripwire -m c -I
reports are saved in:
ls /var/lib/tripwire/report/


==References==
==References==

Revision as of 13:00, 4 March 2018

sudo apt install tripwire

setpassphrases ect during install 

sudo tripwire --init

sudo tripwire --check


after editing the policy file do this: 

sudo twadmin -m P /etc/tripwire/twpol.txt

sudo tripwire --init

sudo tripwire --check

after editing the configuration file: 

sudo twadmin --create-cfgfile -S /etc/tripwire/site.key /etc/tripwire/twcfg.txt

if the passwords arn't set up for whatever reason: 

sudo dpkg-reconfigure tripwire

to update changes to your system the easy way: 

sudo tripwire -m c -I

reports are saved in: 

ls /var/lib/tripwire/report/

References

https://www.howtoforge.com/tutorial/how-to-monitor-and-detect-modified-files-using-tripwire-on-ubuntu-1604/

https://www.digitalocean.com/community/tutorials/how-to-use-tripwire-to-detect-server-intrusions-on-an-ubuntu-vps

Retrieved from "https://wiki.jamesclaus.com/index.php?title=Tripwire&oldid=246"
Powered by MediaWiki