After you have installed Tripwire, do the following:

# cd /etc/tripwire
# ./twinstall.sh
# tripwire –init
# rm twcfg.txt twpol.txt

(more…)

Suppose your system is infiltrated by the infamous Jack the Cracker. Being a conscientious evildoer, he quickly modifies some system files to create back doors and cover his tracks. For instance, he might substitute a hacked version of /bin/login to admit him without a password, and a bogus /bin/ls could skip over and hide traces of his evil deeds. If these changes go unnoticed, your system could remain secretly compromised for a long time. How can this situation be avoided?

(more…)