Running an Integrity Check


By default, the Tripwire RPM adds a shell script called tripwire-check to the /etc/cron.daily/ directory. This will automatically run an integrity check once per day. You can run a Tripwire integrity check at any time by typing the following command:

/usr/sbin/tripwire --check

During an integrity check, Tripwire compares the current state of file system objects with the properties recorded in its database. Violations are printed to the screen, and an encrypted copy of the report is created in /var/lib/tripwire/report/. You can view the report using the twprint command as outlined in the section “Viewing Tripwire Reports.” If you would like to be notified by email when certain types of integrity violations occur, you can configure this in the policy file. See the section “Tripwire and Email” for instructions on how to set up and test this feature.




Official Red Hat Linux Administrator's Guide
Official Red Hat Linux Administrators Guide
ISBN: 0764516957
EAN: 2147483647
Year: 2002
Pages: 278
Authors: Red Hat Inc

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net