---

---

Comments and suggestions concerning this book should be mailed to gmourani@videotron.ca © Copyright 1999-2000 Gerhard Mourani and Open Network Architecture ® 207 CFLAGS = -O9 -funroll-loops -ffast-math -malign-double -mcpu=pentiumpro -march=pentiumpro - fomit-frame-pointer -fno-exceptions [root@deep tw_ASR_1.3.1_src]# make [root@deep tw_ASR_1.3.1_src]# make install [root@deep tw_ASR_1.3.1_src]# chmod 700 /var/spool/tripwire/ [root@deep tw_ASR_1.3.1_src]# chmod 500 /usr/sbin/tripwire [root@deep tw_ASR_1.3.1_src]# chmod 500 /usr/sbin/siggen [root@deep tw_ASR_1.3.1_src]# rm -f /usr/sbin/tw.config The above commands “make” and “make install” would configure the software to ensure your system has the necessary functionality and libraries to successfully compile the package, compile all source files into executable binaries, and then install the binaries and any supporting files into the appropriate locations. The “chmod” command will change the default mode of “tripwire” directory to be 700 (drwx------) only readable, writable, and executable by the super-user “root”. It will make the binary “/usr/sbin/tripwire” only readable, and executable by the super-user “root” (-r-x------) and finally make the “siggen” program under “/usr/sbin” directory only executable and readable by “root”. The “rm” command will remove the file “tw.config” under “/usr/sbin”. We don’t need this file since we will create a new one under “/etc” directory later. Cleanup after work [root@deep /]# cd /var/tmp [root@deep tmp]# rm -rf tw_ASR_version/ Tripwire-version.tar.gz The “rm” command will remove all the source files we have used to compile and install Tripwire. It will also remove the Tripwire compressed archive from the “/var/tmp” directory. Configurations All software we describe in this book has a specific directory and subdirectory in a tar compressed archive named “floppy.tgz” containing file configurations for the specific program. If you get this archive file, you wouldn’t be obliged to reproduce the different configuration files bellow manually or cut and past them to create your configuration files. Whatever your decide to copy manually or get the files made to your convenience from the archive compressed files, it will be to your responsibility to modify, adjust for your needs and place the files related to Tripwire ASR 1.3.1 software to their appropriated places on your server machine, like show bellow. The server configuration files archive to download is located at the following Internet address: http://pages.infinit.net/lotus1/opendocs/floppy.tgz · To run Tripwire, the following files are require and must be create or copied to their appropriated directories on your server. Copy the tw.config file to the “/etc” directory. Copy the tripwire.verify script to the “/etc/cron.daily” directory. You can obtain configuration files listed bellow on our floppy.tgz archive. Copy the following files from the decompressed floppy.tgz archive to their appropriated places or copy and paste them directly from this book to the concerned file. Configuration of the “/etc/tw.config” file The “/etc/tw.config” file is the Tripwire configuration file where you decides and set which system files and directories that you want monitored. Take a note that several test and experience are