Intrusion Detection Systems: Part II - Installing Tripwire
The twprint --print-report mode prints the contents of a Tripwire report. If you do not specify a report with the --twrfile or -r command-line argument, the default report file specified by the configuration file REPORTFILE variable is used.
Example: On a machine named FREEOS.com.FW, the command would be:
./twprint -m r --twrfile FREEOS.com.FW-20000122-021212.twr
Updating the Database after an Integrity Check
Database Update mode enables you to update the Tripwire database after an integrity check if you determine that the violations discovered are valid. This update process saves time by enabling you to update the database without having to re-initialize it. It also enables selective updating, which cannot be done through re-initialization. The syntax for Database Update mode is:
bash# tripwire --update
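Database Update mode should be run against the same report you reviewed with twprint, not an older or stray file. The helper below is an added example, not part of the original tutorial or of Tripwire itself. The function names latest_twr and review_and_update are hypothetical, and it assumes reports are named HOST-YYYYMMDD-HHMMSS.twr as in the twprint example above, in a directory you pass in.

```sh
# Added example, not part of the original tutorial.
# Assumption: reports are named HOST-YYYYMMDD-HHMMSS.twr, as in the twprint
# example; the report directory is supplied by the caller.

# latest_twr DIR HOST: print the newest report for HOST; status 1 if none.
latest_twr() (
    dir=$1 host=$2 best="" best_n=0
    for f in "$dir"/"$host"-*.twr; do
        [ -f "$f" ] || continue
        stamp=${f##*/}               # file name without directory
        stamp=${stamp#"$host"-}      # strip the "HOST-" prefix
        stamp=${stamp%.twr}          # strip the extension
        # Accept only an exact YYYYMMDD-HHMMSS stamp. This skips stray files
        # and reports of another host whose name merely starts with HOST-.
        case $stamp in
            [0-9][0-9][0-9][0-9][0-9][0-9][0-9][0-9]-[0-9][0-9][0-9][0-9][0-9][0-9]) ;;
            *) continue ;;
        esac
        n=${stamp%-*}${stamp#*-}     # 14 digits, compared as a number
        if [ "$n" -gt "$best_n" ]; then
            best=$f best_n=$n
        fi
    done
    [ -n "$best" ] && printf '%s\n' "$best"
)

# review_and_update DIR HOST: show the report, update only on an explicit yes.
review_and_update() {
    report=$(latest_twr "$1" "$2") || { echo "no report for $2 in $1" >&2; return 1; }
    twprint --print-report --twrfile "$report" | ${PAGER:-more}
    printf 'Accept these changes into the database? [yes/NO] '
    read -r answer
    [ "$answer" = "yes" ] || { echo "database left unchanged" >&2; return 2; }
    tripwire --update --twrfile "$report"
}
```

Nothing runs until you call review_and_update with your report directory and host name; the database is touched only after the report has been displayed and you answer yes.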
Updating the Policy File
Change the way that Tripwire software scans the system by changing the rules in the policy file. You can then update the database without a complete re-initialization. This saves a significant amount of time and preserves security by keeping the policy file synchronized with the database it uses. The syntax for Policy Update mode is:
bash# tripwire --update-policy policyfile.txt
Testing Email functions
Test mode tests the software's email notification system, using the settings currently specified in the configuration file during the installation (your install.cfg file). The syntax for Email Test Reporting mode is:
bash# tripwire --test --email user@domain.com
HELP
All Tripwire commands support the --help option. Example: To get help with Create Configuration File mode, type:
bash# twadmin --help --create-cfgfile
The following options illustrate the types of help available in the Tripwire software:
-?            Display usage and version information
--help        Display all command modes
--help all    Display help for all command modes
--help        Display help for current command mode
--version     Display version information
So pals, this is all for now. Hope you had a feast on the internals of an IDS. We at FreeOS.com have tried our best to give you the simplest tutorial, one that should get you up and running with an IDS on your system in the shortest time span. We assure you that time spent fortifying your network is time well spent. Coming up next week is a cool tutorial on the usage and implementation of SNORT, another interesting IDS.
The road to success is dotted with the most tempting parking spaces.
- Anonymous