SlideShare une entreprise Scribd logo

TRIP WIRE

Télécharger en tant que DOC, PDF
P
praveen369
1  sur  4
“TRIPWIRE” A Seminar Report Submitted by P.A.A. KAREEMULLA(09751A0587) In partial fulfillment for the award of the degree of BACHELOR OF TECHNOLOGY IN COMPUTER SCIENCE AND ENGINEERING At SREENIVASA INSTITUTE OF TECHNOLOGY AND MANAGEMENT STUDIES,CHITTOOR-517127 (Affiliated to J.N.T.U Anantapur & Accredited by NBA, New Delhi) DEC – 2012 1
SREENIVASA INSTITUTE OF TECHNOLOGY AND MANAGEMENT STUDIES (Affiliated to J.N.T.U Anantapur & Accredited by NBA, New Delhi) Thimmasamudhram, Chittoor - 517127 DEPARTMENT OF COMPUTER SCIENCE AND ENGINEERING CERTIFICATE This is to certify that the seminar entitled “TRIPWIRE” that is being submitted by Mr.P.A.A. KAREEMULLA, bearing roll no 09751A0587 in partial fulfillment of degree of IV B.Tech in CSE to JNTU Anantapur is a record of bonafied work carried by him under my supervision. 1. 2. 3. Seminar Supervisors Head of the Department 2
ABSTRACT Tripwire is an intrusion detection system. It is a software tool that checks to see what has changed on your system. The program monitors the key attributes of files that should not change, including the size, binary signature, expected change of size, and other related important data’s. Tripwire is an open source program created to monitor changes in a key subset of files identified by the user and report on any changes in any of those files. When changes are detected the system Administrator can determine whether those changes occurred due to normal, permitted activity, or whether they were caused by a break-in. If the former, the administrator can update the system baseline to the new files. If the latter, then repair and recovery activity begins. Tripwire’s principle is simple enough. The system administrator identifies key files and causes Tripwire to record checksum for those files. Administrator also puts a cron job to scan those files at intervals (daily or more frequently), comparing to the original checksum. Any changes, addition, or deletion are reported, so the proper action can be taken. 3
TABLE OF CONTENTS 1.INTRODUCTION………………………………………………………………………….…6 1.1.MOTIVATION………………………………………………………………………………7 2. BASIC PURPOSE OF TRIPWIRE …………………………………………………………..8 2.1 TRIPWIRE RELATED TOPICS……………. ………………………………………….….9 3. ACTUTAL WORKING OF THE TRIPWIRE SYSTEM…….………………………….….10 3.1. MONITORING DYNAMIC BEHAVIOUR……….……………………………………..10 3.2.MONITORING STATE……………………………………………………………………10 3.3.TECHNIQUES……………………………………………………………………………..11 4. OPERATION OF TRIPWIRE…………….…………………………………………………12 4.1. PROTECTING THE HIDS……………………………………………………………...…12 4.2. FLOWCHART SHOWING THE WORKING OF TRIPWIRE…………………………..14 5.TRIPWIRE MANAGER………………………………………………………………………17 6.TRIPWIRE FOR SERVERS…………………………………………………………………..19 6.1. FLEXIBLE POLICY LANGUAGE………………………………………………………..19 7. TRIPWIRE FOR NETWORK DEVICES…………………………………………………….21 8. HOW TO INSTALL AND USE THE TRIPWIRE SYSTEM………………………….……23 9. HOW TO USE TRIPWIRE…………………………………………………………………..24 10. ADVANTAGES OF TRIPWIRE…………………………………………………………..35 11.CONCLUSION………………………………………………………………………………36 12.REFERENCES………………………………………………………………………………37 ACKNOWLEDGEMENT 4

Recommandé

Tripwire
TripwireTripwire
TripwireAnang Sunny
 
tripwire
tripwiretripwire
tripwireveena jl
 
Tripwire
TripwireTripwire
TripwireDhananjay Aloorkar
 
Tripwire.ppt
Tripwire.pptTripwire.ppt
Tripwire.pptishaque k
 
Tripwire ppt
Tripwire pptTripwire ppt
Tripwire pptOECLIB Odisha Electronics Control Library
 
Lesson 2 scanning
Lesson 2 scanningLesson 2 scanning
Lesson 2 scanningFrankVianzon
 
A Quick Look At The Computer Support Long Island
A Quick Look At The Computer Support Long IslandA Quick Look At The Computer Support Long Island
A Quick Look At The Computer Support Long Islandkimreview
 
EMBEDDED SYSTEMS 1
EMBEDDED SYSTEMS 1EMBEDDED SYSTEMS 1
EMBEDDED SYSTEMS 1PRADEEP
 

Recommandé

Tripwire
TripwireTripwire
TripwireAnang Sunny
 
tripwire
tripwiretripwire
tripwireveena jl
 
Tripwire
TripwireTripwire
TripwireDhananjay Aloorkar
 
Tripwire.ppt
Tripwire.pptTripwire.ppt
Tripwire.pptishaque k
 
Tripwire ppt
Tripwire pptTripwire ppt
Tripwire pptOECLIB Odisha Electronics Control Library
 
Lesson 2 scanning
Lesson 2 scanningLesson 2 scanning
Lesson 2 scanningFrankVianzon
 
A Quick Look At The Computer Support Long Island
A Quick Look At The Computer Support Long IslandA Quick Look At The Computer Support Long Island
A Quick Look At The Computer Support Long Islandkimreview
 
EMBEDDED SYSTEMS 1
EMBEDDED SYSTEMS 1EMBEDDED SYSTEMS 1
EMBEDDED SYSTEMS 1PRADEEP
 
Network security
Network securityNetwork security
Network securityNur Aishah Roslan
 
Architectural patterns for real-time systems
Architectural patterns for real-time systemsArchitectural patterns for real-time systems
Architectural patterns for real-time systemssommerville-videos
 
Introduction to real time software systems script
Introduction to real time software systems scriptIntroduction to real time software systems script
Introduction to real time software systems scriptsommerville-videos
 
Landis - System Administration
Landis - System AdministrationLandis - System Administration
Landis - System Administrationckuyehar
 
OpManager - Technical overview
OpManager - Technical overviewOpManager - Technical overview
OpManager - Technical overviewManageEngine, Zoho Corporation
 
Tool to repair window 7 registry error
Tool to repair window 7 registry errorTool to repair window 7 registry error
Tool to repair window 7 registry errorcharliedavibrown
 
Shelley Atkins Cis 516 Op Manager
Shelley Atkins Cis 516 Op ManagerShelley Atkins Cis 516 Op Manager
Shelley Atkins Cis 516 Op Managershelleyatkins
 
Maintaining computer and network system
Maintaining computer and network systemMaintaining computer and network system
Maintaining computer and network systemMLG College of Learning, Inc
 
New OpManager v12
New OpManager v12New OpManager v12
New OpManager v12Inuit AB
 
5 reasons why you need a network monitoring tool
5 reasons why you need a network monitoring tool5 reasons why you need a network monitoring tool
5 reasons why you need a network monitoring toolManageEngine, Zoho Corporation
 
O P Manager
O P ManagerO P Manager
O P Managerblakka
 
Patch
PatchPatch
PatchKiran Sarangi
 
Why Configuration Management Matters
Why Configuration Management MattersWhy Configuration Management Matters
Why Configuration Management MattersManageEngine, Zoho Corporation
 
Best Network Performance Monitoring Tool
Best Network Performance Monitoring ToolBest Network Performance Monitoring Tool
Best Network Performance Monitoring ToolJoe Shestak
 
General computer - Software and hardware
General computer - Software and hardwareGeneral computer - Software and hardware
General computer - Software and hardwareDr. I. Uma Maheswari Maheswari
 
RemoteExec DataSheet
RemoteExec DataSheetRemoteExec DataSheet
RemoteExec DataSheetIS Decisions
 
Brochure YASENSE
Brochure YASENSEBrochure YASENSE
Brochure YASENSEYazzoom
 
Ct2 presentation stevens
Ct2 presentation stevensCt2 presentation stevens
Ct2 presentation stevensElizabeth Stevens
 
4818467 complete workbook_guide_for_laptop_maintenance_and_repair
4818467 complete workbook_guide_for_laptop_maintenance_and_repair4818467 complete workbook_guide_for_laptop_maintenance_and_repair
4818467 complete workbook_guide_for_laptop_maintenance_and_repairJaicoDictaan1
 
Fault tolerance techniques
Fault tolerance techniquesFault tolerance techniques
Fault tolerance techniquesRajalakshmiSermadurai
 
Tripwire Adaptive Threat Protection
Tripwire Adaptive Threat ProtectionTripwire Adaptive Threat Protection
Tripwire Adaptive Threat ProtectionTripwire
 
Seminar report
Seminar reportSeminar report
Seminar reportashwani kumar
 

Contenu connexe

Tendances

Architectural patterns for real-time systems
Architectural patterns for real-time systemsArchitectural patterns for real-time systems
Architectural patterns for real-time systemssommerville-videos
 
Introduction to real time software systems script
Introduction to real time software systems scriptIntroduction to real time software systems script
Introduction to real time software systems scriptsommerville-videos
 
Landis - System Administration
Landis - System AdministrationLandis - System Administration
Landis - System Administrationckuyehar
 
Tool to repair window 7 registry error
Tool to repair window 7 registry errorTool to repair window 7 registry error
Tool to repair window 7 registry errorcharliedavibrown
 
Shelley Atkins Cis 516 Op Manager
Shelley Atkins Cis 516 Op ManagerShelley Atkins Cis 516 Op Manager
Shelley Atkins Cis 516 Op Managershelleyatkins
 
New OpManager v12
New OpManager v12New OpManager v12
New OpManager v12Inuit AB
 
O P Manager
O P ManagerO P Manager
O P Managerblakka
 
Best Network Performance Monitoring Tool
Best Network Performance Monitoring ToolBest Network Performance Monitoring Tool
Best Network Performance Monitoring ToolJoe Shestak
 
RemoteExec DataSheet
RemoteExec DataSheetRemoteExec DataSheet
RemoteExec DataSheetIS Decisions
 
Brochure YASENSE
Brochure YASENSEBrochure YASENSE
Brochure YASENSEYazzoom
 
4818467 complete workbook_guide_for_laptop_maintenance_and_repair
4818467 complete workbook_guide_for_laptop_maintenance_and_repair4818467 complete workbook_guide_for_laptop_maintenance_and_repair
4818467 complete workbook_guide_for_laptop_maintenance_and_repairJaicoDictaan1
 

Tendances (20)

Network security
Network securityNetwork security
Network security
 
Architectural patterns for real-time systems
Architectural patterns for real-time systemsArchitectural patterns for real-time systems
Architectural patterns for real-time systems
 
Introduction to real time software systems script
Introduction to real time software systems scriptIntroduction to real time software systems script
Introduction to real time software systems script
 
Landis - System Administration
Landis - System AdministrationLandis - System Administration
Landis - System Administration
 
OpManager - Technical overview
OpManager - Technical overviewOpManager - Technical overview
OpManager - Technical overview
 
Tool to repair window 7 registry error
Tool to repair window 7 registry errorTool to repair window 7 registry error
Tool to repair window 7 registry error
 
Shelley Atkins Cis 516 Op Manager
Shelley Atkins Cis 516 Op ManagerShelley Atkins Cis 516 Op Manager
Shelley Atkins Cis 516 Op Manager
 
Maintaining computer and network system
Maintaining computer and network systemMaintaining computer and network system
Maintaining computer and network system
 
New OpManager v12
New OpManager v12New OpManager v12
New OpManager v12
 
5 reasons why you need a network monitoring tool
5 reasons why you need a network monitoring tool5 reasons why you need a network monitoring tool
5 reasons why you need a network monitoring tool
 
O P Manager
O P ManagerO P Manager
O P Manager
 
Patch
PatchPatch
Patch
 
Why Configuration Management Matters
Why Configuration Management MattersWhy Configuration Management Matters
Why Configuration Management Matters
 
Best Network Performance Monitoring Tool
Best Network Performance Monitoring ToolBest Network Performance Monitoring Tool
Best Network Performance Monitoring Tool
 
General computer - Software and hardware
General computer - Software and hardwareGeneral computer - Software and hardware
General computer - Software and hardware
 
RemoteExec DataSheet
RemoteExec DataSheetRemoteExec DataSheet
RemoteExec DataSheet
 
Brochure YASENSE
Brochure YASENSEBrochure YASENSE
Brochure YASENSE
 
Ct2 presentation stevens
Ct2 presentation stevensCt2 presentation stevens
Ct2 presentation stevens
 
4818467 complete workbook_guide_for_laptop_maintenance_and_repair
4818467 complete workbook_guide_for_laptop_maintenance_and_repair4818467 complete workbook_guide_for_laptop_maintenance_and_repair
4818467 complete workbook_guide_for_laptop_maintenance_and_repair
 
Fault tolerance techniques
Fault tolerance techniquesFault tolerance techniques
Fault tolerance techniques
 

En vedette

Tripwire Adaptive Threat Protection
Tripwire Adaptive Threat ProtectionTripwire Adaptive Threat Protection
Tripwire Adaptive Threat ProtectionTripwire
 
Best topics for seminar
Best topics for seminarBest topics for seminar
Best topics for seminarshilpi nagpal
 
Configuración de tripwire
Configuración de tripwireConfiguración de tripwire
Configuración de tripwireRosariio92
 
Fitsum ristu lakew tripwire for intrusion detection
Fitsum ristu lakew tripwire for intrusion detectionFitsum ristu lakew tripwire for intrusion detection
Fitsum ristu lakew tripwire for intrusion detectionFITSUM RISTU LAKEW
 
Seminar project(computer virus)
Seminar project(computer virus)Seminar project(computer virus)
Seminar project(computer virus)cdebraj16101991
 
Exterminator: Automatically Correcting Memory Errors with High Probability
Exterminator: Automatically Correcting Memory Errors with High ProbabilityExterminator: Automatically Correcting Memory Errors with High Probability
Exterminator: Automatically Correcting Memory Errors with High ProbabilityEmery Berger
 
Digital light processing
Digital light processingDigital light processing
Digital light processingRamrao Desai
 
Brain finger printing
Brain finger printingBrain finger printing
Brain finger printingLikan Patra
 
Microsoft Palladium.
Microsoft Palladium.Microsoft Palladium.
Microsoft Palladium.Anurag Sharma
 
Gaming console final presentation
Gaming console final presentationGaming console final presentation
Gaming console final presentationVivek Bharadwaj
 
Nokia Morph Technology
Nokia Morph TechnologyNokia Morph Technology
Nokia Morph TechnologyNishanth Nrs
 

En vedette (20)

Tripwire Adaptive Threat Protection
Tripwire Adaptive Threat ProtectionTripwire Adaptive Threat Protection
Tripwire Adaptive Threat Protection
 
Seminar report
Seminar reportSeminar report
Seminar report
 
zigbee full ppt
zigbee full pptzigbee full ppt
zigbee full ppt
 
Zigbee Presentation
Zigbee PresentationZigbee Presentation
Zigbee Presentation
 
Best topics for seminar
Best topics for seminarBest topics for seminar
Best topics for seminar
 
Configuración de tripwire
Configuración de tripwireConfiguración de tripwire
Configuración de tripwire
 
Fitsum ristu lakew tripwire for intrusion detection
Fitsum ristu lakew tripwire for intrusion detectionFitsum ristu lakew tripwire for intrusion detection
Fitsum ristu lakew tripwire for intrusion detection
 
Seminar project(computer virus)
Seminar project(computer virus)Seminar project(computer virus)
Seminar project(computer virus)
 
Presentation
PresentationPresentation
Presentation
 
Exterminator: Automatically Correcting Memory Errors with High Probability
Exterminator: Automatically Correcting Memory Errors with High ProbabilityExterminator: Automatically Correcting Memory Errors with High Probability
Exterminator: Automatically Correcting Memory Errors with High Probability
 
Digital light processing
Digital light processingDigital light processing
Digital light processing
 
Daknet
DaknetDaknet
Daknet
 
Brain finger printing
Brain finger printingBrain finger printing
Brain finger printing
 
Microsoft Palladium.
Microsoft Palladium.Microsoft Palladium.
Microsoft Palladium.
 
Java ring Engg SEMINAR
Java ring Engg SEMINARJava ring Engg SEMINAR
Java ring Engg SEMINAR
 
Gaming console final presentation
Gaming console final presentationGaming console final presentation
Gaming console final presentation
 
Green cloud
Green cloudGreen cloud
Green cloud
 
Solar Airplane
Solar AirplaneSolar Airplane
Solar Airplane
 
light tree
light treelight tree
light tree
 
Nokia Morph Technology
Nokia Morph TechnologyNokia Morph Technology
Nokia Morph Technology
 

Similaire à TRIP WIRE

Resource scheduling algorithm
Resource scheduling algorithmResource scheduling algorithm
Resource scheduling algorithmShilpa Damor
 
CONSULTANT ANALYSIS FOR MEDICAL FACILITY2CONSULTANT ANALYSIS FO.docx
CONSULTANT ANALYSIS FOR MEDICAL FACILITY2CONSULTANT ANALYSIS FO.docxCONSULTANT ANALYSIS FOR MEDICAL FACILITY2CONSULTANT ANALYSIS FO.docx
CONSULTANT ANALYSIS FOR MEDICAL FACILITY2CONSULTANT ANALYSIS FO.docxdonnajames55
 
Seminar Report - Managing the Cloud with Open Source Tools
Seminar Report - Managing the Cloud with Open Source ToolsSeminar Report - Managing the Cloud with Open Source Tools
Seminar Report - Managing the Cloud with Open Source ToolsNakul Ezhuthupally
 
MEDICAL FACILITY ANALYSIS2MEDICAL FACILITY ANALYSIS16.docx
MEDICAL FACILITY ANALYSIS2MEDICAL FACILITY ANALYSIS16.docxMEDICAL FACILITY ANALYSIS2MEDICAL FACILITY ANALYSIS16.docx
MEDICAL FACILITY ANALYSIS2MEDICAL FACILITY ANALYSIS16.docxARIV4
 
Project for Student Result System
Project for Student Result SystemProject for Student Result System
Project for Student Result SystemKuMaR AnAnD
 
Analyzing and implementing of network penetration testing
Analyzing and implementing of network penetration testingAnalyzing and implementing of network penetration testing
Analyzing and implementing of network penetration testingEngr Md Yusuf Miah
 
Design approach for fault
Design approach for faultDesign approach for fault
Design approach for faultVLSICS Design
 
online movie ticket booking system
online movie ticket booking systemonline movie ticket booking system
online movie ticket booking systemSikandar Pandit
 
Project final report
Project final reportProject final report
Project final reportALIN BABU
 
Accelerated Prototyping of Cyber Physical Systems in an Incubator Context
Accelerated Prototyping of Cyber Physical Systems in an Incubator ContextAccelerated Prototyping of Cyber Physical Systems in an Incubator Context
Accelerated Prototyping of Cyber Physical Systems in an Incubator ContextSreyas Sriram
 
A Survey on Heuristic Based Techniques in Cloud Computing
A Survey on Heuristic Based Techniques in Cloud ComputingA Survey on Heuristic Based Techniques in Cloud Computing
A Survey on Heuristic Based Techniques in Cloud ComputingIRJET Journal
 
Benchmarking Techniques for Performance Analysis of Operating Systems and Pro...
Benchmarking Techniques for Performance Analysis of Operating Systems and Pro...Benchmarking Techniques for Performance Analysis of Operating Systems and Pro...
Benchmarking Techniques for Performance Analysis of Operating Systems and Pro...IRJET Journal
 
A Case Study Injecting Safety-Critical Thinking Into Graduate Software Engin...
A Case Study Injecting Safety-Critical Thinking Into Graduate Software Engin...A Case Study Injecting Safety-Critical Thinking Into Graduate Software Engin...
A Case Study Injecting Safety-Critical Thinking Into Graduate Software Engin...Arlene Smith
 
Engineering Technical Report
Engineering Technical ReportEngineering Technical Report
Engineering Technical ReportJim Tu
 

Similaire à TRIP WIRE (20)

Resource scheduling algorithm
Resource scheduling algorithmResource scheduling algorithm
Resource scheduling algorithm
 
Clusetrreport
ClusetrreportClusetrreport
Clusetrreport
 
CONSULTANT ANALYSIS FOR MEDICAL FACILITY2CONSULTANT ANALYSIS FO.docx
CONSULTANT ANALYSIS FOR MEDICAL FACILITY2CONSULTANT ANALYSIS FO.docxCONSULTANT ANALYSIS FOR MEDICAL FACILITY2CONSULTANT ANALYSIS FO.docx
CONSULTANT ANALYSIS FOR MEDICAL FACILITY2CONSULTANT ANALYSIS FO.docx
 
50120130406041 2
50120130406041 250120130406041 2
50120130406041 2
 
Report 2
Report 2Report 2
Report 2
 
Seminar Report - Managing the Cloud with Open Source Tools
Seminar Report - Managing the Cloud with Open Source ToolsSeminar Report - Managing the Cloud with Open Source Tools
Seminar Report - Managing the Cloud with Open Source Tools
 
MEDICAL FACILITY ANALYSIS2MEDICAL FACILITY ANALYSIS16.docx
MEDICAL FACILITY ANALYSIS2MEDICAL FACILITY ANALYSIS16.docxMEDICAL FACILITY ANALYSIS2MEDICAL FACILITY ANALYSIS16.docx
MEDICAL FACILITY ANALYSIS2MEDICAL FACILITY ANALYSIS16.docx
 
Project for Student Result System
Project for Student Result SystemProject for Student Result System
Project for Student Result System
 
Analyzing and implementing of network penetration testing
Analyzing and implementing of network penetration testingAnalyzing and implementing of network penetration testing
Analyzing and implementing of network penetration testing
 
Srs
SrsSrs
Srs
 
Design approach for fault
Design approach for faultDesign approach for fault
Design approach for fault
 
online movie ticket booking system
online movie ticket booking systemonline movie ticket booking system
online movie ticket booking system
 
bakalarska_praca
bakalarska_pracabakalarska_praca
bakalarska_praca
 
Project final report
Project final reportProject final report
Project final report
 
Accelerated Prototyping of Cyber Physical Systems in an Incubator Context
Accelerated Prototyping of Cyber Physical Systems in an Incubator ContextAccelerated Prototyping of Cyber Physical Systems in an Incubator Context
Accelerated Prototyping of Cyber Physical Systems in an Incubator Context
 
A Survey on Heuristic Based Techniques in Cloud Computing
A Survey on Heuristic Based Techniques in Cloud ComputingA Survey on Heuristic Based Techniques in Cloud Computing
A Survey on Heuristic Based Techniques in Cloud Computing
 
Benchmarking Techniques for Performance Analysis of Operating Systems and Pro...
Benchmarking Techniques for Performance Analysis of Operating Systems and Pro...Benchmarking Techniques for Performance Analysis of Operating Systems and Pro...
Benchmarking Techniques for Performance Analysis of Operating Systems and Pro...
 
Chap3
Chap3Chap3
Chap3
 
A Case Study Injecting Safety-Critical Thinking Into Graduate Software Engin...
A Case Study Injecting Safety-Critical Thinking Into Graduate Software Engin...A Case Study Injecting Safety-Critical Thinking Into Graduate Software Engin...
A Case Study Injecting Safety-Critical Thinking Into Graduate Software Engin...
 
Engineering Technical Report
Engineering Technical ReportEngineering Technical Report
Engineering Technical Report
 

TRIP WIRE

  • 1. “TRIPWIRE” A Seminar Report Submitted by P.A.A. KAREEMULLA(09751A0587) In partial fulfillment for the award of the degree of BACHELOR OF TECHNOLOGY IN COMPUTER SCIENCE AND ENGINEERING At SREENIVASA INSTITUTE OF TECHNOLOGY AND MANAGEMENT STUDIES,CHITTOOR-517127 (Affiliated to J.N.T.U Anantapur & Accredited by NBA, New Delhi) DEC – 2012 1
  • 2. SREENIVASA INSTITUTE OF TECHNOLOGY AND MANAGEMENT STUDIES (Affiliated to J.N.T.U Anantapur & Accredited by NBA, New Delhi) Thimmasamudhram, Chittoor - 517127 DEPARTMENT OF COMPUTER SCIENCE AND ENGINEERING CERTIFICATE This is to certify that the seminar entitled “TRIPWIRE” that is being submitted by Mr.P.A.A. KAREEMULLA, bearing roll no 09751A0587 in partial fulfillment of degree of IV B.Tech in CSE to JNTU Anantapur is a record of bonafied work carried by him under my supervision. 1. 2. 3. Seminar Supervisors Head of the Department 2
  • 3. ABSTRACT Tripwire is an intrusion detection system. It is a software tool that checks to see what has changed on your system. The program monitors the key attributes of files that should not change, including the size, binary signature, expected change of size, and other related important data’s. Tripwire is an open source program created to monitor changes in a key subset of files identified by the user and report on any changes in any of those files. When changes are detected the system Administrator can determine whether those changes occurred due to normal, permitted activity, or whether they were caused by a break-in. If the former, the administrator can update the system baseline to the new files. If the latter, then repair and recovery activity begins. Tripwire’s principle is simple enough. The system administrator identifies key files and causes Tripwire to record checksum for those files. Administrator also puts a cron job to scan those files at intervals (daily or more frequently), comparing to the original checksum. Any changes, addition, or deletion are reported, so the proper action can be taken. 3
  • 4. TABLE OF CONTENTS 1.INTRODUCTION………………………………………………………………………….…6 1.1.MOTIVATION………………………………………………………………………………7 2. BASIC PURPOSE OF TRIPWIRE …………………………………………………………..8 2.1 TRIPWIRE RELATED TOPICS……………. ………………………………………….….9 3. ACTUTAL WORKING OF THE TRIPWIRE SYSTEM…….………………………….….10 3.1. MONITORING DYNAMIC BEHAVIOUR……….……………………………………..10 3.2.MONITORING STATE……………………………………………………………………10 3.3.TECHNIQUES……………………………………………………………………………..11 4. OPERATION OF TRIPWIRE…………….…………………………………………………12 4.1. PROTECTING THE HIDS……………………………………………………………...…12 4.2. FLOWCHART SHOWING THE WORKING OF TRIPWIRE…………………………..14 5.TRIPWIRE MANAGER………………………………………………………………………17 6.TRIPWIRE FOR SERVERS…………………………………………………………………..19 6.1. FLEXIBLE POLICY LANGUAGE………………………………………………………..19 7. TRIPWIRE FOR NETWORK DEVICES…………………………………………………….21 8. HOW TO INSTALL AND USE THE TRIPWIRE SYSTEM………………………….……23 9. HOW TO USE TRIPWIRE…………………………………………………………………..24 10. ADVANTAGES OF TRIPWIRE…………………………………………………………..35 11.CONCLUSION………………………………………………………………………………36 12.REFERENCES………………………………………………………………………………37 ACKNOWLEDGEMENT 4