
Install IDS tripwire on Fedora Core 3

1. Download

You can download the source RPM or the binary RPM from rpmfind.net.

wget ftp://fr2.rpmfind.net/linux/fedora/extras/3/SRPMS/tripwire-2.3.1-21.src.rpm

wget ftp://fr2.rpmfind.net/linux/fedora/extras/3/i386/tripwire-2.3.1-21.i386.rpm

The RPMs above have a small problem: they do not include twinstall.sh, which is convenient for Tripwire installation.

You can find twinstall.sh in a previous version. For example:

wget http://download.fedora.us/fedora/fedora/1/i386/SRPMS.testing/tripwire-2.3.1-18.fdr.3.1.src.rpm

2. Compilation (if you download the source RPM)

rpmbuild --rebuild tripwire-2.3.1-21.src.rpm

rpmbuild --rebuild tripwire-2.3.1-18.fdr.3.1.src.rpm

3. Installation

3.1 Install old RPM to get twinstall.sh

If you just compiled the source RPM, run

rpm -Uvh /usr/src/redhat/RPMS/i386/tripwire-2.3.1-18.fdr.3.1.i386.rpm

Or

rpm -Uvh tripwire-2.3.1-18.fdr.3.1.i386.rpm

Now copy /etc/tripwire/twinstall.sh somewhere safe, for example your home directory.

cp /etc/tripwire/twinstall.sh ~

3.2 Install RPM for Fedora Core 3

The installation above is only used to save a copy of twinstall.sh.

Now install the Tripwire RPM for Fedora Core 3. If you just compiled the source RPM, run

rpm -Uvh /usr/src/redhat/RPMS/i386/tripwire-2.3.1-21.i386.rpm

Or

rpm -Uvh tripwire-2.3.1-21.i386.rpm

Then copy the saved twinstall.sh back into /etc/tripwire:

cp ~/twinstall.sh /etc/tripwire

4. Configuration

4.1 Pre-Configuration

The configuration files are located in /etc/tripwire. Before Fedora Core 3, you needed to modify the HOSTNAME line in /etc/tripwire/twcfg.txt to reflect the machine's hostname. The RPM on Fedora Core 3 configures this line automatically.

Keep twcfg.txt and twpol.txt secure.

Now run ./twinstall.sh from /etc/tripwire and follow the prompts.
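One way to check that twcfg.txt and twpol.txt are actually kept secure, as an added example (not part of the original post or the Tripwire RPM). The function name audit_tw_dir and the finding labels are hypothetical; tw.pol is assumed as the default name of the signed policy file, and treating a clear-text file left beside its signed copy as a finding is this example's policy choice.

```shell
#!/bin/sh
# Added example: audit the clear-text Tripwire files in a directory.
# Prints one finding per line; returns 0 when clean, 1 otherwise.
audit_tw_dir() {
    dir=$1
    rc=0
    for pair in twcfg.txt:tw.cfg twpol.txt:tw.pol; do
        txt="$dir/${pair%%:*}"      # clear-text source file
        signed="$dir/${pair##*:}"   # signed file (assumed default name)
        [ -e "$txt" ] || [ -L "$txt" ] || continue
        # A symlink could point root's edits at a file outside the directory.
        if [ -L "$txt" ]; then
            echo "SYMLINK $txt"
            rc=1
            continue
        fi
        # Characters 5-10 of the ls mode string are the group and other bits.
        perms=$(ls -ld -- "$txt" | cut -c5-10)
        if [ "$perms" != "------" ]; then
            echo "LOOSE_PERMS $txt"
            rc=1
        fi
        # Once the signed copy exists, the clear-text copy only documents
        # what is (and is not) monitored; flag it so it can be moved off-host.
        if [ -e "$signed" ]; then
            echo "CLEARTEXT_LEFT $txt"
            rc=1
        fi
    done
    return $rc
}

# Typical use as root:  audit_tw_dir /etc/tripwire
```
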

4.2 Database Initialization

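Tripwire generates a database from a snapshot of the current system and uses it as the baseline for later checks. The database is saved under /var/lib (the cron job in section 4.4 looks for it at /var/lib/tripwire/<hostname>.twd).

/usr/sbin/tripwire --init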

4.3 Check and Reports

To check:

/usr/sbin/tripwire --check

To review reports:

/usr/sbin/twprint -m r --twrfile /var/lib/tripwire/report/yourmachinehostname-date-time.twr

To update reports:

/usr/sbin/tripwire --update --twrfile /var/lib/tripwire/report/yourmachinehostname-date-time.twr

To update the database:

/usr/sbin/tripwire --update-policy /etc/tripwire/twpol.txt

4.4 Cron Job

The RPM installs a cron job for Tripwire in /etc/cron.daily:

# cat tripwire-check
#!/bin/sh
HOST_NAME=`uname -n`
if [ ! -e /var/lib/tripwire/${HOST_NAME}.twd ] ; then
    echo "**** Error: Tripwire database for ${HOST_NAME} not found. ****"
    echo "**** Run "/etc/tripwire/twinstall.sh" and/or "tripwire --init". ****"
else
    test -f /etc/tripwire/tw.cfg && /usr/sbin/tripwire --check
fi
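The cron script above prints an error when the database is missing, but when /etc/tripwire/tw.cfg is missing the test simply fails and nothing is printed, so the daily check is skipped without any cron mail. The following added example (not the RPM's script) reports both conditions; the function names tw_preflight and tw_daily_check and the status words are hypothetical.

```shell
#!/bin/sh
# Added example: make every "check did not run" condition visible.
# tw_preflight CFG_DIR DB_DIR HOST
#   prints READY / NO_DATABASE / NO_CONFIG and returns 0 / 1 / 2.
tw_preflight() {
    cfg_dir=$1
    db_dir=$2
    host=$3
    if [ ! -e "$db_dir/$host.twd" ]; then
        echo "NO_DATABASE"
        return 1
    fi
    # The original script skips the check silently in this case.
    if [ ! -f "$cfg_dir/tw.cfg" ]; then
        echo "NO_CONFIG"
        return 2
    fi
    echo "READY"
}

# Drop-in body for a daily job: anything written here ends up in cron's mail.
tw_daily_check() {
    host=$(uname -n)
    status=$(tw_preflight /etc/tripwire /var/lib/tripwire "$host") || {
        echo "**** Tripwire check did NOT run on $host: $status ****" >&2
        return 1
    }
    /usr/sbin/tripwire --check
}

# In the cron script itself, call:  tw_daily_check
```
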
