:SunWorld: Tripwire: The next generation of security tools [review]
SunWorld: Tripwire: The next generation of security tools [review] Mar 3, 2000, 18 :56 UTC (2 Talkback[s]) (4421 reads) (Other stories by Carole Fennelly)
"A layered, or 'onion,' approach to security is preferred because no single security mechanism is without its flaws.
Previous SunWorld articles... have discussed hardening the host to minimize security exposures;
this one covers Tripwire, a method for intrusion detection on a host level."
"Tripwire is an integrity assessment software package that maintains a database of file attributes and sends alerts
when any of those attributes change. Essentially, it tells you if your servers' files have changed since the previous
day. Because it works on the host level, it should be integrated with other security mechanisms such as firewalls
and network intrusion detection. While Tripwire's primary purpose is to provide security, it provides the
administrator with some source control as well."
"Two versions of Tripwire are available: Tripwire 1.3.1 Academic Source Release (ASR) and the commercial
version, Tripwire 2.2.1. Tripwire's ASR was developed at Purdue University in 1992 by Gene Kim and Gene
Spafford. The release (it's still freely available; see Resources) is the most widely used piece of integrity
assessment software in the world. However, the relatively static ASR isn't often upgraded. Tripwire does provide
bug fixes and minor feature updates, but if you want support and the major new features, you'll have to pay for
them ($495 per host)."
