LinuxQuestions.org


pompado 06-01-2015 06:25 AM

Complete & Simple Guide to install Tripwire!
 
Hello - I installed this on Ubuntu and think this guide also works with Debian.
The guide explains how to install and configure Tripwire on your system.
It also explains how to save the Tripwire database on removable media.

I cannot program but succeeded in installing Tripwire - so you can too, even if you don't have coding skills :-)

TRIPWIRE

Tripwire is an "intrusion detection system" ... this means that Tripwire doesn't prevent an intrusion, but it will notice if one has happened.
It works like this: Tripwire signs each file on your operating system with a specific algorithm or key number and saves all the information in a database.
So if someone changes or modifies any file, Tripwire will notice this change, so no one can break into your computer without you being aware of it.

So each file gets a unique id, and if someone hacks into your system Tripwire will notice the change with some critical files being modified.
The great thing with this guide is that in the end I will explain how you install the Tripwire database on removable media.
This means that if you get an intrusion, they can't modify or hack your Tripwire - it is safe and secure.

THE FIRST PART OF THE INSTALLATION


First you need to have a new installation from scratch, so you know that your operating system has not been tampered with.
Now you can connect to the internet and install Tripwire.

Code:

sudo apt-get update

Code:

sudo apt-get install tripwire

Now when you run the Tripwire installation, it will ask you at the beginning to configure the email option.
Then you should pick "internetsystem" ...

http://i59.tinypic.com/2vazcix.jpg

After that it will ask you to add what kind of email you use.
Like hotmail.com or gmail.com

http://i58.tinypic.com/x3cm0j.png

After this Tripwire will ask you if you want to install two secure keys.
The site key and the local key.

You should answer yes and continue doing so through the whole installation process.
It is a good idea if you have prepared yourself with two good key phrases.
Two good passwords.
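
Added example, not part of the original post and not Tripwire's own code: a minimal shell sketch of the baseline-and-compare idea the post describes, with the database kept outside the monitored tree (for instance on removable media). The function names `fim_init` and `fim_check` and all paths are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: minimal baseline/check integrity monitor (not Tripwire).
# Assumes GNU coreutils and that DB lives outside TREE, e.g. on removable
# media that is mounted read-only except while re-baselining.

# fim_init TREE DB: record a SHA-256 for every regular file under TREE.
fim_init() {
    ( cd "$1" && find . -type f -exec sha256sum {} + | LC_ALL=C sort -k 2 ) > "$2"
}

# fim_check TREE DB: print one line per difference; return 1 if any differ.
fim_check() {
    _now=$(mktemp) || return 2
    fim_init "$1" "$_now"
    # sha256sum lines are "<64 hex chars><2 separator chars><path>", so the
    # path starts at column 67 (this keeps names with spaces intact; names
    # containing backslashes or newlines are escaped by sha256sum and are
    # not handled here).
    _report=$(awk '
        { h = substr($0, 1, 64); f = substr($0, 67) }
        FILENAME == ARGV[1] { old[f] = h; next }
        !(f in old)  { print "ADDED    " f; next }
        old[f] != h  { print "MODIFIED " f }
                     { seen[f] = 1 }
        END { for (f in old) if (!(f in seen)) print "REMOVED  " f }
    ' "$2" "$_now" | LC_ALL=C sort)
    rm -f "$_now"
    [ -z "$_report" ] && return 0
    printf '%s\n' "$_report"
    return 1
}

# Command-line use (paths are placeholders):
#   sh fim.sh init  /etc /media/usb/fim.db
#   sh fim.sh check /etc /media/usb/fim.db
case "${1:-}" in
    init)  fim_init  "$2" "$3" ;;
    check) fim_check "$2" "$3" ;;
esac
```

The check is only as trustworthy as the stored database and the tools that read it, which is why the database is kept off the monitored disk.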

ButterflyMelissa 06-01-2015 05:45 PM

hey, thanks for this info :)
all security tips are welcome

displace 06-02-2015 06:08 AM

Is Tripwire still a thing today? I hear many people recommend AIDE over Tripwire.

~dis

unSpawn 06-06-2015 05:20 AM

Quote:

Originally Posted by displace (Post 5370947)
Is Tripwire still a thing today?

Well maybe if my concerns posted here (first paragraph) no longer apply?.. (Not holding my breath.)


Quote:

Originally Posted by displace (Post 5370947)
I hear many people recommend AIDE over Tripwire.

AIDE or Samhain, and always as part of an appropriate set of measures.

Habitual 06-08-2015 09:10 AM

The whole shebang is at http://ubuntuforums.org/showthread.php?t=2235300

displace 06-11-2015 12:18 AM

Quote:

Originally Posted by unSpawn (Post 5373024)
AIDE or Samhain, and always as part of an appropriate set of measures.

I haven't heard about Samhain before. How does it compare to AIDE?

On a side note, do you perhaps know, if any of these tools are also capable of monitoring custom disk sectors i.e. the first 2048 sectors of the HDD where the boot loader is located? How about the contents of the bios chip? I normally do this by hand and I'm looking for a way to automate it.

~dis

unSpawn 06-11-2015 07:51 PM

Quote:

Originally Posted by displace (Post 5375424)
I haven't heard about Samhain before. How does it compare to AIDE?

- Daemon vs cron jobbed task,
- Can use inotify,
- Can be centrally managed (server - client paradigm),
- Can encrypt config,
- Can obfuscate own process argv[0],
- much, much more: please check documentation.


Quote:

Originally Posted by displace (Post 5375424)
On a side note, do you perhaps know, if any of these tools are also capable of monitoring custom disk sectors (..) How about the contents of the bios chip?

None do.
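
Added example, not part of the thread and not a feature of the tools named above: one way to automate the by-hand check of the first 2048 disk sectors that displace asks about, by hashing that region and comparing it with a stored baseline. The helper names, the 512-byte sector size and the device and baseline paths are assumptions; the BIOS chip is not covered.

```shell
#!/bin/sh
# Added example: hash the first N sectors of a disk and compare with a
# stored baseline. Names, sizes and paths below are assumptions.

SECTORS=2048      # region named in the question: the first 2048 sectors
SECTOR_SIZE=512   # assumed logical sector size in bytes

# region_hash DEV: print the SHA-256 of the region; return 2 on a short
# or failed read so a truncated read is never mistaken for a valid hash.
region_hash() {
    _want=$((SECTORS * SECTOR_SIZE))
    _tmp=$(mktemp) || return 2
    dd if="$1" of="$_tmp" bs="$SECTOR_SIZE" count="$SECTORS" 2>/dev/null
    _got=$(( $(wc -c < "$_tmp") ))
    if [ "$_got" -ne "$_want" ]; then rm -f "$_tmp"; return 2; fi
    sha256sum < "$_tmp" | cut -d ' ' -f 1
    rm -f "$_tmp"
}

# region_baseline DEV FILE: store the current hash in FILE
# (keep FILE on other media than the disk being monitored).
region_baseline() {
    _h=$(region_hash "$1") || return 2
    printf '%s\n' "$_h" > "$2"
}

# region_check DEV FILE: 0 = unchanged, 1 = changed, 2 = could not read.
region_check() {
    [ -r "$2" ] || return 2
    _cur=$(region_hash "$1") || return 2
    [ "$_cur" = "$(cat "$2")" ]
}

# Example use as root (placeholder paths):
#   region_baseline /dev/sda /media/usb/sda-boot.sha256
#   region_check    /dev/sda /media/usb/sda-boot.sha256 || echo "boot region differs"
```

A legitimate boot loader update changes the hash, so the baseline has to be refreshed after one.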

pompado 01-23-2016 03:44 AM

Quote:

Originally Posted by Habitual (Post 5373994)

Hello, I was going to post the whole howto - but something went wrong with the forum text input - thanks for sharing the link to my Tripwire Howto.
What I like is that you can install the Tripwire database on removable media.

Cheers

unSpawn 01-23-2016 04:23 AM

Quote:

Originally Posted by pompado (Post 5486146)
Hello, I was going to post the whole howto - but something went wrong with the forum text input

If you want to you can submit your article and we'll post it in the HOWTO section.

Habitual 01-23-2016 10:01 AM

Quote:

Originally Posted by pompado (Post 5486146)
Hello, I was going to post the whole howto - but something went wrong with the forum text input - thanks for sharing the link to my Tripwire Howto.
What I like is that you can install the Tripwire database on removable media.

Cheers

Good Stuff, Maynard.
I have it bookmarked and I tend to keep those for years.

pompado 01-24-2016 02:49 AM

Hello, I would like to add two HOWTOs in the HOWTO section, but I cannot find the HOWTO section?
I would like to add Logwatch & Tripwire.

Cheers

unSpawn 01-24-2016 03:47 PM

Right side menu: Write for LQ: LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.

JockVSJock 01-25-2016 09:54 PM

I thought Tripwire was commercial software only.

Didn't realize there is an open source version: http://sourceforge.net/projects/tripwire/

unSpawn 01-26-2016 12:44 AM

...that has been left completely unmaintained for the past 5 years.

JockVSJock 01-26-2016 05:51 AM

Quote:

Originally Posted by unSpawn (Post 5487429)
...that has been left completely unmaintained for the past 5 years.

Exactly!

OP failed to note that in the original post and the documentation that he/she linked to. Why even post this?

