T

Tripwire

24.02.20181 Min Read — InLinux

Here’s a great little program to keep an eye on your system files to make sure no one inappropriate is changing them! I like to have this run in cron once a week and send me a report. When your first changing your system / installing things, a lot of false positives will be tripped. But, once you settle into your system and are not constantly installing things and changing config files – this is a super handy service to have running to keep a proactive key on your file security! [insert content]

After it runs, simply type:

sudo /usr/sbin/tripwire --update --twrfile /var/lib/tripwire/report/[name].twr

It will open up the report in a text editor with an [x] next to each file. Remove that X if you think the file was illegitimately changed. If all is good, leave the X’s in place and save the file. Then enter your local password and the tripwire database is updated!