Differences
This shows you the differences between two versions of the page.
Next revision | Previous revision | ||
ids [2006/06/24 11:39] a fixme |
ids [2008/07/22 14:37] a |
||
---|---|---|---|
Line 7: | Line 7: | ||
===== Tripwire ===== | ===== Tripwire ===== | ||
- | FIXME | + | === links: === |
+ | * [[http:// | ||
+ | |||
+ | ==== Basic configuration (debian way) ==== | ||
+ | |||
+ | Install tripwire with apt-get ('' | ||
+ | |||
+ | cd / | ||
+ | / | ||
+ | / | ||
+ | # you'll get loads of "No such file" warnings... | ||
+ | |||
+ | Ok, we're fully installed now. So let's run our first check so we can tune the policy | ||
+ | |||
+ | / | ||
+ | |||
+ | |||
+ | Now use this {{fixpol.pl|perl script (fixpol.pl)}} | ||
+ | |||
+ | chmod u+x fixpol.pl | ||
+ | | ||
+ | |||
+ | **fixpol** prints what to do next near the end of its output in particular: | ||
+ | |||
+ | You should now run | ||
+ | |||
+ | diff twpol.txt twpol.txt.new | more | ||
+ | |||
+ | to make sure my changes aren't garbage. If it looks ok run | ||
+ | |||
+ | / | ||
+ | / | ||
+ | |||
+ | to install the new policy in the database. | ||
+ | |||
+ | Now you're in a position to run | ||
+ | |||
+ | / | ||
+ | |||
+ | regularly in cron or whatever. | ||
===== Linux (misc) ===== | ===== Linux (misc) ===== | ||
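Review bot: The closing step of the new Tripwire section, "regularly in cron or whatever", leaves the schedule and the destination of the report unspecified, while the chkrootkit section further down this page states a concrete nightly run time. Suggest giving an equivalent crontab line for the check and saying where its report is sent or stored. The fixpol.pl step is followed by "diff twpol.txt twpol.txt.new | more" before the new policy is installed, which is the right order; it is worth stating explicitly that this diff is the review gate for the changes made by a script downloaded from the wiki. Style: "=== links: ===" is a deeper heading level than the "==== Basic configuration (debian way) ====" that follows it, so the outline skips a level directly under "===== Tripwire ====="; a plain list under the section heading would be more consistent.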
Line 52: | Line 91: | ||
That would run chkrootkit every night a 3.00h. | That would run chkrootkit every night a 3.00h. | ||
+ | |||
==== rkhunter | ==== rkhunter | ||
Line 69: | Line 109: | ||
rkhunter -c | rkhunter -c | ||
+ | |||
+ | ==== Lynis ==== | ||
+ | download from [[http:// | ||
+ | |||
+ | # wget http:// | ||
+ | # tar xvfz lynis-1.1.8.tar.gz | ||
+ | # ./lynis --check-update | ||
+ | # ./lynis -c | ||
+ | |||
==== MD5 sum checks ==== | ==== MD5 sum checks ==== |
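Review bot: In the new Lynis steps, the archive fetched with wget is unpacked and then run from a root prompt ("# ./lynis -c") with no integrity check in between. Suggest adding a checksum or signature verification step between the wget and tar lines, which would also tie in with the "MD5 sum checks" section that follows. Two smaller points: there is no cd between "# tar xvfz lynis-1.1.8.tar.gz" and "# ./lynis --check-update", so if the archive unpacks into its own directory the last two commands fail as written; and the hard-coded 1.1.8 file name will go stale, so the text should say to substitute the current version.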