Tiny Deathstars of Foulness

I originally posted this at To install Tripwire, run in the folder that you have extracted the tripwire files into sudo ./ Then enter passphrases/passwords when asked Then enter the shortname of the primary user of tripwire Allow the system to define the baseline state of the Server. To update your tripwire database after making system changes run this command: ./tripwire -m u -r ../report/day-month-year-initials.twr To update your tripwire config, change the /usr/local/etc/twcfg.txt file and run this command ./twadmin -m F -S ../key/site.key ../../etc/twcfg.txt To enforce a new policy, edit the /usr/local/tripwire/policy/twpol.txt file and run this command: ./twadmin -m p > ../policy/twpol.txt To view Tripwire reports run this command ./twprint -m r -r ../report/*.twr â†’ the * in this command is meant to demote your latest twr file To scan what changes have been made to the system, cd into this directory /usr/local/tripwire/bin and run ./tripwire -m c To email these changes to the email address listed in the config file, run ./tripwire –m c -M

August 21st, 2006

Posted In: Mac OS X

Tags: ,