As several recent high-profile compromises have reminded us, Linux isn’t immune to security vulnerabilities. While you should always do everything you can to secure your Linux systems, you can also put measures in place to quickly detect a break-in. One useful “alarm” system is Tripwire.
Tripwire helps you verify the integrity of critical system files and directories. It compares the current filesystem against a known, stable baseline, which you establish after installing Tripwire. Once installed and initialized, Tripwire monitors key attributes of files that shouldn’t change, including each file’s binary signature and size, while taking into account changes you expect, such as the growth of a log file. If anything’s modified, added, or deleted, Tripwire notifies you of the differences.
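The baseline-and-compare model described above, as an added sketch that is not Tripwire's code or part of the original article. It records each file's size and a SHA-256 hash; the hash choice, the function names, the sample tree and the rule that a file marked as growing counts as changed only if it shrinks are all assumptions made for this example.

```python
import hashlib, os, tempfile

def snapshot(root, growing=()):
    """Record size and SHA-256 of every file under root, keyed by relative path."""
    state = {}
    for dirpath, _, names in os.walk(root):
        for name in names:
            path = os.path.join(dirpath, name)
            rel = os.path.relpath(path, root).replace(os.sep, "/")
            with open(path, "rb") as fh:
                data = fh.read()
            state[rel] = {"size": len(data),
                          "sha256": hashlib.sha256(data).hexdigest(),
                          "growing": rel in growing}
    return state

def compare(baseline, current):
    """Return files added, deleted or modified relative to the baseline."""
    report = {"added": sorted(set(current) - set(baseline)),
              "deleted": sorted(set(baseline) - set(current)),
              "modified": []}
    for rel in sorted(set(baseline) & set(current)):
        old, new = baseline[rel], current[rel]
        if old["growing"]:
            # Expected change: a log may grow, but must never shrink.
            changed = new["size"] < old["size"]
        else:
            changed = (old["size"], old["sha256"]) != (new["size"], new["sha256"])
        if changed:
            report["modified"].append(rel)
    return report

def write(root, rel, data):
    """Create or overwrite a file in the constructed sample tree."""
    path = os.path.join(root, rel)
    os.makedirs(os.path.dirname(path), exist_ok=True)
    with open(path, "wb") as fh:
        fh.write(data)

def demo():
    """Constructed sample tree: baseline it, change it, then report the differences."""
    with tempfile.TemporaryDirectory() as root:
        write(root, "bin/login", b"original binary")
        write(root, "etc/motd", b"welcome\n")
        write(root, "log/messages", b"boot\n")
        baseline = snapshot(root, growing={"log/messages"})
        write(root, "bin/login", b"modified binary")      # same size, new hash
        write(root, "log/messages", b"boot\nlogin ok\n")  # expected growth
        write(root, "tmp/.hidden", b"dropped file")       # added
        os.remove(os.path.join(root, "etc/motd"))         # deleted
        return compare(baseline, snapshot(root, growing={"log/messages"}))
```

The replaced binary keeps its original size, so only the hash comparison catches it, while the appended log line is not reported.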
After you download the latest tarball, verify that the MD5 checksum of the download matches the MD5 checksum on the download page. (While a mismatch could occur with a bad download, it could also mean that the file’s been tampered with. Checking for tampering is critical for security software.) You can get the MD5 checksum of a file by typing md5sum file.
If the checksum is valid, unpack the tarball and cd into the resulting directory. Before running the install script, take a look at…