Tripwire (software)

From Wikipedia, the free encyclopedia

Tripwire
Developer: Ron Forrester
Latest release: 2.4.0.1 / December 1, 2005
OS: Linux
Use: Security, Monitoring, HIDS
License: GPL
Website: sf.net/projects/tripwire

Tripwire is a free and open-source software tool. It functions as a host-based intrusion detection system. It does not concern itself directly with detecting intrusion attempts in real time at the periphery of a computing system (as in network intrusion detection systems), but rather looks for and reports on the resultant changes of state in the computing system under observation.

Intruders usually leave traces of their activities (changes in the system state). Tripwire looks for these by monitoring key attributes of files that should not change—including binary signatures, size, expected changes in size, etc.—and reporting its findings.

While useful for detecting intrusions after the event, it can also serve many other purposes, such as integrity assurance, change management, policy compliance, and more.

The original developer of the software was Tripwire, Inc. However, the product has evolved in open source.

[edit] External links


In other languages