Introduction to tripwire software
Tripwire 2.4 is a file integrity assessment product for Linux networks. Rather than preventing an intruder or virus from attacking system files, Tripwire detects intrusions when they do occur. By comparing system files and directories against a previously stored "baseline" database, Tripwire finds any additions, deletions, or changes to specified properties. This allows the system administrator to determine the extent of the problem and begin necessary damage control.
After Tripwire is installed on a system, the following four commands are used:
tripwire(8) is used for most of the basic operations of the software. This includes creation of the Tripwire database, and checking the integrity of the filesystem against that database. twadmin(8) is used to create, encode, and sign Tripwire policy, configuration, and key files, and for various administrative functions. twprint(8) prints Tripwire database and report files in a plain text format. siggen(8) is a file utility that displays hash values for files.
In addition to the command references listed above, the following three man pages provide information on important components of the Tripwire package.
twfiles(5) provides an overview of the various files created and used by Tripwire, including default locations and settings. twconfig(4) explains the configuration file, which is used to set system-specific information that affects Tripwire operation. twpolicy(4) explains the policy file, which specifies the files and directories Tripwire should check, and how they should be scanned.
Using the --help flag with any Tripwire command (e.g. tripwire --help) will print a short summary of the command modes for that command. If a mode selector is also specified (e.g. tripwire --check --help), a mode-specific usage message will be displayed. Using the all argument with the --help flag (e.g. tripwire --help all) will print detailed usage messages for all modes of the specified command.
This man page describes Tripwire 2.4.
Tripwire, Inc.
Permission is granted to make and distribute verbatim copies of this man page provided the copyright notice and this permission notice are preserved on all copies.
Permission is granted to copy and distribute modified versions of this man page under the conditions for verbatim copying, provided that the entire resulting derived work is distributed under the terms of a permission notice identical to this one.
Permission is granted to copy and distribute translations of this man page into another language, under the above conditions for modified versions, except that this permission notice may be stated in a translation approved by Tripwire, Inc.
Copyright 2000 Tripwire, Inc. Tripwire is a registered trademark of Tripwire, Inc. in the United States and other countries. All rights reserved.
tripwire(8), twadmin(8), twprint(8), siggen(8), twconfig(4), twpolicy(4), twfiles(5)
The Design and Implementation of Tripwire: A \s-1UNIX\s0 File Integrity CheckerbyGeneKimandEugeneSpafford.PurdueTechnicalReportCSD-TR-93-071.