Click here for "Safe Air Conditioner Repair and Proper Freon Recovery".(Japanese Version)

OpenSUSE15.5 ; Tripwire, Logwatch Install

1. Tripwire

Tripwire is a host-based intrusion detection system (IDS) that monitors files and directories and notifies you when changes are made.

1.1 Install and configuration

①Install

② Passphrase Settings

Tripwire Configuration

Create a Tripwire configuration file (cryptographically signed version)

Delete Tripwire configuration file (text version)

Reference) To restore the Tripwire configuration file (text version), execute the following command

Policy File Settings

Contents of twpolmake.txt

Policy File Optimizations

Create policy file (cryptographically signed version) based on optimized policy file

Delete policy file (text version)

Create database and check operation

Create test files

Check Tripwire operation

If successful, the following will be displayed

Delete test files

1.2 Run Tripwire regularly

Creation of auto-execution scripts

Contents of "tripwire.sh"

Add to cron to have Tripwire run periodically

Reference: Script for reporting results by e-mail

Execute the following command and confirm that the notification is delivered to the specified e-mail address

2. Logwatch

Logwatch install

Edit configuration file

Output Logwatch reports

Test to see if the report is delivered to the address you set.

Copied title and URL