http://www.redhat.com/docs/manuals/linux/RHL-9-Manual/ref-guide/ch-tripwire.html
Although the version that installs with FC12 you only need do the following steps;
$> tripwire-setup-keyfiles
Follow the instructions, which mainly require 2 passwords, 1 for site and 1 for local
Once this step is completed you simply run;
$> tripwire --init
And wait for it to complete
Updates can be done by first dumping the policy file;
$> twadmin --print-polfile >my.pol
And then editing this file accordingly. Once you have completed your edits you would then need to encrypt the file for the init process to be able to use it. This will generate the tw.pol file;
$> /usr/sbin/twadmin --create-polfile -S site.key /etc/tripwire/my.pol
You will be prompted for your site password
To load the policy into the tripwire database;
$> rm /var/lib/tripwire/hostname.localdomain.twd
Run the following to regenerate the database;
$> tripwire --init
Test if your email account will work;
$> tripwire --test --email username
View reports;
$> /usr/sbin/twprint -m r --twrfile /var/lib/tripwire/report/
Update database;
$> /usr/sbin/tripwire --update --twrfile /var/lib/tripwire/report/
No comments:
Post a Comment