[root@ipython ~]# wget http://nchc.dl.sourceforge.net/project/tripwire/tripwire-src/tripwire-2.4.2.2/tripwire-2.4.2.2-src.tar.bz2[root@ipython ~]# tar jxf tripwire-2.4.2.2-src.tar.bz2
[root@ipython ~]# cd tripwire-2.4.2.2-src
[root@ipython tripwire-2.4.2.2-src]#./configure --prefix=/software/tripwire
[root@ipython tripwire-2.4.2.2-src]# make
[root@ipython tripwire-2.4.2.2-src]# make install
############INSTALL 交互#################Press ENTER to view the LicenseAgreement. ###回车阅读协议
license agreement.[donot accept] accept ###同意协议Continuewith installation?[y/n] y ###确认继续安装Enter the site keyfile passphrase: ###需要记住的keyfileVerify the site keyfile passphrase: ###重复Enter the local keyfile passphrase: ###需要记住的local keyfileVerify the local keyfile passphrase: ###重复Please enter your site passphrase: ###输入Please enter your site passphrase: ###输入############交互结束,完成安装#################[root@ipython tripwire-2.4.2.2-src]# ls /software/tripwire/etc/| sort
ipython.me-local.key ####加密本地密钥文件
site.key ####加密站点密钥文件
tw.cfg ####加密配置变量文件
tw.pol ####加密策略文件
twcfg.txt ####定义数据库、策略文件和Tripwire可执行文件的位置
twpol.txt ####定义检测的对象及违规时采取的行为
2、初始化(生成基准数据库)
[root@ipython ~]#/software/tripwire/sbin/tripwire --init
Please enter your local passphrase:###键入密码,后面省略此交互......Wrote database file:/software/tripwire/lib/tripwire/ipython.me.twd
The database was successfully generated.
###更新策略稳健,需要修改策略的规则,先将策略重定向出来###[root@ipython ~]#/software/tripwire/sbin/twadmin --print-polfile > twpol.txt
###照猫画虎修改吧,然后update###[root@ipython ~]#/software/tripwire/sbin/tripwire --update-policy twpol.txt
Parsing policy file:/root/twpol.txt
Please enter your local passphrase:Please enter your site passphrase:
0 Comments