Securing-Optimizing-RH-Linux-1_2_207
Comments and suggestions concerning this book should be mailed to gmourani@videotron.ca
© Copyright 1999-2000 Gerhard Mourani and Open Network Architecture ®
207
CFLAGS = -O9 -funroll-loops -ffast-math -malign-double -mcpu=pentiumpro -march=pentiumpro -
fomit-frame-pointer -fno-exceptions
[root@deep tw_ASR_1.3.1_src]# make
[root@deep tw_ASR_1.3.1_src]# make install
[root@deep tw_ASR_1.3.1_src]# chmod 700 /var/spool/tripwire/
[root@deep tw_ASR_1.3.1_src]# chmod 500 /usr/sbin/tripwire
[root@deep tw_ASR_1.3.1_src]# chmod 500 /usr/sbin/siggen
[root@deep tw_ASR_1.3.1_src]# rm -f /usr/sbin/tw.config
The above commands make and make install would configure the software to ensure your
system has the necessary functionality and libraries to successfully compile the package, compile
all source files into executable binaries, and then install the binaries and any supporting files into
the appropriate locations.
The chmod command will change the default mode of tripwire directory to be 700 (drwx------)
only readable, writable, and executable by the super-user root. It will make the binary
/usr/sbin/tripwire only readable, and executable by the super-user root (-r-x------) and finally
make the siggen program under /usr/sbin directory only executable and readable by root.
The rm command will remove the file tw.config under /usr/sbin. We dont need this file since
we will create a new one under /etc directory later.
Cleanup after work
[root@deep /]# cd /var/tmp
[root@deep tmp]# rm -rf tw_ASR_version/ Tripwire-version.tar.gz
The rm command will remove all the source files we have used to compile and install Tripwire. It
will also remove the Tripwire compressed archive from the /var/tmp directory.
Configurations
All software we describe in this book has a specific directory and subdirectory in a tar
compressed archive named floppy.tgz containing file configurations for the specific program. If
you get this archive file, you wouldnt be obliged to reproduce the different configuration files
bellow manually or cut and past them to create your configuration files. Whatever your decide to
copy manually or get the files made to your convenience from the archive compressed files, it will
be to your responsibility to modify, adjust for your needs and place the files related to Tripwire
ASR 1.3.1 software to their appropriated places on your server machine, like show bellow. The
server configuration files archive to download is located at the following Internet address:
http://pages.infinit.net/lotus1/opendocs/floppy.tgz
·
To run Tripwire, the following files are require and must be create or copied to their
appropriated directories on your server.
Copy the tw.config file to the /etc directory.
Copy the tripwire.verify script to the /etc/cron.daily directory.
You can obtain configuration files listed bellow on our floppy.tgz archive. Copy the following files
from the decompressed floppy.tgz archive to their appropriated places or copy and paste them
directly from this book to the concerned file.
Configuration of the /etc/tw.config file
The /etc/tw.config file is the Tripwire configuration file where you decides and set which system
files and directories that you want monitored. Take a note that several test and experience are