LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 04-24-2006, 01:59 PM   #1
anil2003
LQ Newbie
 
Registered: Jan 2006
Posts: 8

Rep: Reputation: 0
editing of configuration and policy file and implementing tripwire


sir,
1. i have installed tripwire-2.3.1-2-i686.tgz in my pc which is having vector linux.
2. i have installed the tripwire and made the configuration and the policy file along with initialization of the database.
3. the problems which i am facing are as follows:
* when i want to see my config and policy file which i had created under root/etc/tripwire are not visible to me.
* similar is the case with database which i have created.
* i have installed the tripwire in root itself
* once i am doing the editing of the config file twcfg.txt and policy file twpol.txt which are there under root/etc/tripwire the message which i am getting is that the tar file cannot be written get the access to it.i have gone into the properties of both the files and made it both read and write but again message is coming that tar cannot be modified.
* i have created all three config,policy,database but when i want to see what is there inside them i am not able to access them
* when i made config file and policy file i checked under root/etc/tripwire apart from twcfg.txt and twpol.txt there were existing tw.cfg and tw.pol,which are the actual configuration and policy file.pl tell me as to how to acess them and edit them as per my requirement
* i want to select some files and directories for which i want to do some changes in my database how can i go about doing this.
* once i m running the file integrity check with the existing database it is running properly and at the end is showing integrity check carried out sucessfully but once it is checking it is giving message as file/directories not found.
* i m really confused as to what my database is actually having.how can i see what files/directories are being selected for integrity check

4. once i am running the command tripwire --check i am getting the following message
-----------------------------------------------------------------------------------------------
----------------------------------------------------------------------------------------------
before this also i am getting the same errors but for shortening the message i am sending it from 348 onwards.
Filename: /etc/rc.d/rc.wireless.conf
No such file or directory
348. File system error.
Filename: /etc/csh.cshrc
No such file or directory
349. File system error.
Filename: /etc/exports
No such file or directory
350. File system error.
Filename: /etc/mail.rc
No such file or directory
351. File system error.
Filename: /etc/tripwire/authentication.dat
No such file or directory
352. File system error.
Filename: /root/Mail
No such file or directory
353. File system error.
Filename: /root/mail
No such file or directory
354. File system error.
Filename: /root/.xauth
No such file or directory
355. File system error.
Filename: /root/.mc
No such file or directory
356. File system error.
Filename: /root/.cshrc
No such file or directory
357. File system error.
Filename: /root/.bash_logout
No such file or directory
358. File system error.
Filename: /root/.Xresources
No such file or directory

-------------------------------------------------------------------------------
*** End of report ***

Tripwire 2.3 Portions copyright 2000 Tripwire, Inc. Tripwire is a registered
trademark of Tripwire, Inc. This software comes with ABSOLUTELY NO WARRANTY;
for details use --version. This is free software which may be redistributed
or modified only under certain conditions; see COPYING for details.
All rights reserved.
Integrity check complete.
[root@anks~]#
----------------------------------------------------------------------------------------------
--------------------------------------------------------------------------------------------------

5. in the end it is showing integrity check complete but it is showing all errors and it is not in the report format as desired.

pl give me the directions to the above problems
anil
 
Old 04-24-2006, 02:52 PM   #2
gilead
Senior Member
 
Registered: Dec 2005
Location: Brisbane, Australia
Distribution: Slackware64 14.0
Posts: 4,138

Rep: Reputation: 168Reputation: 168
The steps I used to setup and configure tripwire are here at http://www.linuxquestions.org/questi...93#post2035193. You shouldn't install it under /root - my policy and config files are in /usr/local/etc and my database is under /usr/local/lib/tripwire
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
editing of configuration and policy file while implementing tripwire-2.3.1-2-i686.tgz anil2003 VectorLinux 0 03-29-2006 04:36 AM
Tripwire + Logrotate Policy TruckStuff Linux - Security 6 09-08-2005 03:00 PM
Tripwire policy Q TruckStuff Linux - Security 1 07-03-2005 06:50 AM
Implementing password policy ddaas Linux - Security 3 12-31-2004 02:02 PM
Need Tripwire Policy Advice JimKyle Linux - Security 4 03-03-2002 05:03 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 02:38 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration