Hi,
I'm not a security guru. However, we are laying down the commercial
version of Tripwire release 2.2.1 to keep tabs on the integrity of our
file system.
http://www.tripwire.com/ They have an evaluation program
if you are interested.
We mainly purchased this software to track file system growth from a
given Tripwire recorded baseline snap shot of our file system. We were
interested in tracking the files created and the files removed since the
last time Tripwire generated a snap shot of that file system. Of
course Tripwire does way more than that in terms of file system
integrity, I am just relaying to you the main reason we used to cost
justified this purchase.
Its not always easy to determine who the consumers of your disk space
are, but now when one of our file systems fills up we can determine
exactly which files are new and then approach their owners to determine
whether this is good stuff or junk. Obviously if the file system space
is tight and its junk, we ask them to get rid of it. You really get a
perspective on your file system activity with this product. It even
tracks growing files like log files.
Anyway Tripwire comes with a generic policy file for Unix. I think the
policy file is generic however we did procure the Tripwire product for a
Tru64 UNIX operating system though. Perhaps, just the binaries were
generated for Tru64 UNIX but I feel the default policy file may be more
vanilla UNIX, of course I could be wrong though. Anyway, I was
wondering if there were any extra policy configurations for Tru64 Unix
Tripwire configurations falling under the category of best practices
that I should be aware of?
[Q] Are there any nifty Tripwire tweakings specific to Tru64 Unix that
you know of? If so I would appreciate seeing those portions of your
policy file.
- Kevin
Received on Wed Nov 15 2000 - 20:37:28 NZDT