Find the answer to your Linux question:
Results 1 to 4 of 4
I'm trying to get tripwire up and running on my CentOS box. I've already downloaded and installed tripwire-2.3.1-21, creating the /etc/tripwire directory and the two files twcfg.txt and twpol.txt in ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1
    Linux Newbie
    Join Date
    May 2007
    Posts
    106

    Tripwire Install


    I'm trying to get tripwire up and running on my CentOS box. I've already downloaded and installed tripwire-2.3.1-21, creating the /etc/tripwire directory and the two files twcfg.txt and twpol.txt in the process.

    I've looked around at different guides and most of them refer to a setup script called twinstall.sh that doesn't exist. Eventually I found a guide that recognizes this fact and explains the commands to get around not having this script:
    How to Set Up and Use Tripwire | Linux Journal

    Despite some problems with filenames I've been able to trial-and-error my way to the point where I have generated encrypted verions of both the policy and the config files. I have also been able to initialize the database (/var/lib/tripwire/databasefile.twd).

    The next step would be to check the policy and begin removing unnecessary entries to make the policy useful. That's where I run into a problem. I try to check the file with the command tripwire --check and get an error referring to the file tw.cfg which doesn't exist!

    Does anyone have any ideas why I would be able to generate a database file but not be able to check it? Better yet, does anyone know of a guide that actually works (and doesn't refer to the non-existant twinstall.sh)?

  2. #2
    Linux Guru anomie's Avatar
    Join Date
    Mar 2005
    Location
    Texas
    Posts
    1,692
    Quote Originally Posted by charlie205
    I try to check the file with the command tripwire --check and get an error referring to the file tw.cfg which doesn't exist!
    Just speculating here, but it sounds like you'll need to point tripwire (at the command line) to the correct tripwire config file.

    This may or may not be helpful: I have nothing against tripwire, but I've been using the FOSS HIDS aide happily on CentOS 5 for some time. It's even part of the standard repositories.

  3. #3
    Linux Newbie
    Join Date
    May 2007
    Posts
    106
    Quote Originally Posted by anomie View Post
    ... I've been using the FOSS HIDS aide happily on CentOS 5 for some time. It's even part of the standard repositories.
    hmm...looks interesting. Can you recommend any install/config guides?

  4. $spacer_open
    $spacer_close
  5. #4
    Linux Guru anomie's Avatar
    Join Date
    Mar 2005
    Location
    Texas
    Posts
    1,692
    In addition to the manpages and the aide online manual, there are mailing lists that you can access from the aide project page.

    I'm not an expert, but I have aide working nicely in my environment. (And I'm sure others do too.) You can always try the forums as well.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •