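Tonight, while reading a book on iptables, I came across TripWire. I had seen it before but never paid much attention to it.

So I took the chance to try it out.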

http://sourceforge.net/projects/tripwire/

Download and install

wget http://nchc.dl.sourceforge.net/sourceforge/tripwire/tripwire-2.4.1.2-src.tar.bz2

tar xvf tripwire-2.4.1.2-src.tar.bz2

cd tripwire-2.4.1.2-src

./configure --prefix=/srv/tripwire && make && make install

Initialize the database

/srv/tripwire/sbin/tripwire -m i

Check the integrity of a program

/srv/tripwire/sbin/tripwire -m c

e.g. sudo /srv/tripwire/sbin/tripwire -m c /bin/echo

Integrity checking objects specified on command line…

……..

Total objects scanned: 1

Total violations found: 0

……..
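The summary lines in the report above are what a scheduled check would act on. The following is an added example, not part of the original post or of the Tripwire project: a small shell wrapper that extracts the "Total violations found" count and fails closed when the summary is missing. The function names and the sample report are constructed for illustration; the binary path is the install prefix used on this page.

```shell
#!/bin/sh
# Added example: gate a scheduled Tripwire check on the report summary.
# Install prefix taken from this page; the function names are hypothetical.
TRIPWIRE=/srv/tripwire/sbin/tripwire

# Constructed sample report, modelled on the output shown on this page.
SAMPLE_CLEAN='Integrity checking objects specified on command line...
Total objects scanned: 1
Total violations found: 0'

# Print the number from the "Total violations found:" line of a report on stdin.
# Prints nothing when the line is absent or not numeric.
tw_violations() {
    sed -n 's/^[[:space:]]*Total violations found:[[:space:]]*\([0-9][0-9]*\)[[:space:]]*$/\1/p' |
        head -n 1
}

# Classify a report on stdin: 0 = clean, 1 = violations, 2 = no usable summary.
tw_status() {
    count=$(tw_violations)
    case "$count" in
        '')      return 2 ;;  # fail closed: truncated or missing report
        *[!0]*)  return 1 ;;  # any non-zero digit means at least one violation
        *)       return 0 ;;
    esac
}

# Run a check over the given objects (for example: tw_run /bin/echo)
# and turn the report into an exit status a cron job or monitor can use.
tw_run() {
    report=$("$TRIPWIRE" -m c "$@" 2>&1) || true
    rc=0
    printf '%s\n' "$report" | tw_status || rc=$?
    case "$rc" in
        0) echo "tripwire: clean" ;;
        1) echo "tripwire: $(printf '%s\n' "$report" | tw_violations) violation(s)" >&2 ;;
        *) echo "tripwire: no summary in report, treating as failure" >&2 ;;
    esac
    return "$rc"
}
```

Treating a missing summary as a failure matters because a check that dies early (no database, unreadable policy) would otherwise look the same as a clean run.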

Usage:

Database Initialization: tripwire [-m i|--init] [options]
Integrity Checking: tripwire [-m c|--check] [object1 [object2...]]
Database Update: tripwire [-m u|--update]
Policy Update: tripwire [-m p|--update-policy] policyfile.txt
Test: tripwire [-m t|--test] --email address