you track down a missing device, provided that Prey was installed on the
device before it was lost. There is also a paid version with a few more
features. You can learn about Prey at http://preyproject.com.
Configuring and Using Tripwire
Tripwire is a security tool that checks the integrity of normal system binaries
and reports any changes to syslog or by email. Tripwire is a good tool for
ensuring that your binaries have not been replaced by Trojan horse programs.
Trojan horses are malicious programs inadvertently installed because of
identical filenames to distributed (expected) programs, and they can wreak
havoc on a breached system.
There are two versions of Tripwire: an open source version and a commercial
product. The free version of Tripwire is available in the Ubuntu repositories.
You can find out about the differences at www.tripwire.org.
To initialize Tripwire, use its -init option, like this:
Click here to view code image
matthew@seymour~:$ sudo tripwire -init
Please enter your local passphrase:
Parsing policy file: /etc/tripwire/tw.pol
Generating the database...
Processing Unix File System
....
Wrote database file: /var/lib/tripwire/shuttle2.twd
The database was successfully generated.
Note that not all the output is shown here. After Tripwire has created its
database (which is a snapshot of your file system), it uses this baseline along
with the encrypted configuration and policy settings in the
/etc/tripwire directory to monitor the status of your system. You should
then start Tripwire in its integrity checking mode, using a desired option. (See
the tripwire man page for details.) For example, you can have Tripwire
check your system and then generate a report at the command line by entering
the following:
Click here to view code image
matthew@seymour~:$ sudo tripwire -m c
No output is shown here, but you would actually get a report after entering
this command. The output could be redirected to a file, but a report is saved as
/var/lib /tripwire/report/hostname-YYYYMMDD-
HHMMSS.twr (in other words, using your host’s name, the year, the month,