Configurations | All about OS

Configurations


#    unusual directories
=/proc    E
=/tmp
=/mnt/cdrom
=/mnt/floppy
Step 2
Now, for security reasons, change the mode of this file to be 0600 with the following command:
[root@deep /]# chmod 600 /etc/tw.config
Configuration of the “/etc/cron.daily/tripwire.verify” script
The “tripwire.verify” file is a small script executed by the crond program of your server each day to scan your hard disk for possible changed files or directories and mail the results to the system administrator. This script will automate the procedure of integrity checking for you. If you intend to automate this task, follow the simple steps below.
Step 1
Create the tripwire.verify script file (touch /etc/cron.daily/tripwire.verify) and add in this script:
#!/bin/sh
# Run a quiet Tripwire check, prepend the explanatory header below to
# its output, and mail the combined report to root.
/usr/sbin/tripwire -loosedir -q | (cat <<EOF
This is an automated report of possible file integrity changes, generated by
the Tripwire integrity checker. To tell Tripwire that a file or entire
directory tree is valid, as root run:
/usr/sbin/tripwire -update [pathname|entry]
If you wish to enter an interactive integrity checking and verification session, as root run:
/usr/sbin/tripwire -interactive
Changed files/directories include:
EOF
cat
) | /bin/mail -s "File integrity report" root
Step 2
Now, make this script executable and change its mode to be 0700 with the following command:
[root@deep /]# chmod 700 /etc/cron.daily/tripwire.verify
Securing Tripwire
Security Issue
It is recommended for better security that the database (tw.db_[hostname]) file of Tripwire be moved someplace (e.g. floppy) where it cannot be modified. This is important because data from Tripwire is only as trustworthy as its database.
It is also recommended that you make a hardcopy printout of the database contents right away. In the event that you become suspicious of the integrity of the database, you will be able to manually compare information against this hardcopy.
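Because the report is only as trustworthy as the database, the database can be compared before each run against a digest recorded on the write-protected media. The following is an added example, not part of the original guide; the function names, the file names and the use of GNU sha256sum and stat -c are assumptions.

```shell
#!/bin/sh
# Added example (not from the original guide). The reference digest file is
# assumed to be kept on write-protected media; all file names are placeholders.

# record_db_digest DB REF: store the SHA-256 of DB in REF. Run once, right
# after the database is generated, then write-protect the media holding REF.
record_db_digest() {
    sha256sum "$1" | cut -d' ' -f1 > "$2"
}

# verify_db_digest DB REF: 0 = digest matches, 1 = mismatch, 2 = file missing.
verify_db_digest() {
    [ -r "$1" ] && [ -r "$2" ] || return 2
    want=$(cut -d' ' -f1 "$2")
    have=$(sha256sum "$1" | cut -d' ' -f1)
    [ -n "$want" ] && [ "$have" = "$want" ]
}

# check_mode PATH OCTAL: 0 if the permission bits of PATH equal OCTAL.
check_mode() {
    [ "$(stat -c %a "$1" 2>/dev/null)" = "$2" ]
}

# Demonstration on constructed data in a scratch directory.
demo() {
    dir=$(mktemp -d) || return 1
    printf 'constructed database contents\n' > "$dir/tw.db_example"
    chmod 600 "$dir/tw.db_example"
    record_db_digest "$dir/tw.db_example" "$dir/tw.db_example.sha256"
    before=0; verify_db_digest "$dir/tw.db_example" "$dir/tw.db_example.sha256" || before=$?
    printf 'tampered entry\n' >> "$dir/tw.db_example"
    after=0; verify_db_digest "$dir/tw.db_example" "$dir/tw.db_example.sha256" || after=$?
    mode_ok=0; check_mode "$dir/tw.db_example" 600 || mode_ok=$?
    rm -rf "$dir"
    echo "before=$before after=$after mode_ok=$mode_ok"
}

demo
```

A non-zero result from verify_db_digest means the integrity report that follows should not be trusted until the database is restored from the protected copy.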
Further documentation
For more details, there are several man pages you can read:
$ man siggen (8)    - signature generation routine for Tripwire
$ man tripwire (8)    - a file integrity checker for UNIX systems
$ man tw.config (5)    - configuration file for Tripwire
Commands
