Samiksha Jaiswal (Editor)

Open Source Tripwire

Developer(s): Tripwire, Inc.
Stable release: 2.4.3.1 / 24 April 2016
Repository: github.com/Tripwire/tripwire-open-source
Operating system: Linux, all POSIX/UNIX systems
Type: Security, Monitoring, HIDS
License: GNU General Public License

Open Source Tripwire is a free software security and data integrity tool for monitoring and alerting on changes to specific files on a range of systems. The project is based on code originally contributed by Tripwire, Inc. in 2000.

Open Source Tripwire functions as a host-based intrusion detection system. Rather than attempting to detect intrusions at the network interface level (as in network intrusion detection systems), Open Source Tripwire detects changes to file system objects.

When first initialized, Open Source Tripwire scans the file system as directed by the administrator and stores information on each scanned file in a database. At a later date, the same files are scanned again and the results are compared against the values stored in the database. Any changes are reported to the user. Cryptographic hashes are used so that a change in a file can be detected without storing the file's entire contents in the database.

While Open Source Tripwire is useful for detecting intrusions after the event, it can also serve many other purposes, such as integrity assurance, change management, and policy compliance.
