Securing Tripwire for Linux
Security Issue
It is important to make sure that the integrity of the system you are running has not been already compromised. For maximum confidence in your baseline database, you should generate operating system and application files from a clean installation and original media.
Also, it is recommended that you delete the plain text copy of the Tripwire configuration file named “twcfg.txt” located under the 7usr/bin” directory to hide the location of Tripwire’s files and prevent anyone from creating a second, or alternate, configuration file. (Далее…)
Configurations
All software we describe in this book has a specific directory and subdirectory in a tar compressed archive named “floppy.tgz” containing file configurations for specific programs. If you get this archive file, you won’t be obliged to reproduce the different configuration files below, manually, or cut and paste them to create your configuration files. (Далее…)
Securities Software (System Integrity).Linux Tripwire 2.2.1
Overview
A typical Red Hat Linux server installation handles approximately 30,400 files. At their busiest times, administrators can’t check the integrity of all system files, and if a cracker has accessed your server, he or she can install or modify files without your knowledge quite easily. Due to the possibility of this event some programs have been created to respond to this kind of problem. (Далее…)
SSH2 Users Tools
The commands listed belows are some that we use often in our regular use, but many more exist, and you should check the man page and documentation for more details.
ssh2 (Далее…)
Ssh2 Per-User Configuration
Step 1
Create your private & public keys of local, by executing:
[root@deep /]# su admin
[admin@deep /]$ ssh-keygen2
Generating 1024-bit dsa key pair
6 Oo..oOo.oOo. Key generated.
1024-bit dsa, admin@deep.openna.com, Sun Feb 13 2000 05:33:38 -0500 Passphrase: Again :
Private key saved to /home/admin/.ssh2/id_dsa_1024_a Public key saved to /home/admin/.ssh2/id_dsa_1024_a.pub (Далее…)