Open Source Tripwire

Open Source Tripwire is a free software for POSIX -compliant ( Unix ) operating systems, which ensured through the monitoring and display of certain data modifications security and data integrity on several systems.

Open Source Tripwire is based on code that was provided by Tripwire, Inc. available in 2000 and has since been distributed as free software under the terms of the GNU General Public License ( GPL).

Other open source projects offer similar features, such as OSSEC, AIDE and Samhain.

Operation

Open Source Tripwire works as a host - based intrusion prevention system and monitors less potential attacks at the network level, such as intrusion detection systems, but specializes in changes to objects in the file system.

During the initial start Open Source Tripwire performs a scan of the file system as specified by the Administrator through and stores information for each scanned file in a database. At later times, the files will be scanned again and compared with the previous results in the database. Changes will be made known to the user. Open Source Tripwire uses checksums to detect file changes, without having to create a complete copy of the file.

Open Source Tripwire detects attacks especially after they have happened, but can also be used for other purposes, such as integrity testing, change management and regulatory compliance (Policy compliance).

621731
de