Tripwire For Network Devices
Router, switch, and firewall
configurations are critical to overall network operation. Unwanted changes to
configuration files can result in downtime and security issues and waste hours
of staff time searching for the cause. Tripwire for Network Devices monitors
the integrity of routers, switches and firewalls-network devices that
communicate network traffic within and between networks. It helps network
administrator answer the question, “Has the state of my network devices changed
from a known, trusted state? If so, how?”. Problem s with one network device
can seriously disable an organization’s entire network. Network downtime can
result in lost revenue and lost customer confidence. Manual processes to secure
your network devices are available and important.
Abstract
Tripwire is an intrusion
detection system. It is a software tool that
checks to see what has changed on your system. The program monitors the
key attributes of files that should not change, including the size, binary signature,
expected change of size, and other related important datas. Tripwire is an open
source program created to monitor changes in a key subset of files identified
by the user and report on any changes in any of those files.
Introduction
Tripwire is a reliable intrusion
detection system. It is a software tool that checks to see what has changed in
your system. It mainly monitors the key attribute of your files, by key
attribute we mean the binary signature, size and other related data. Security
and operational stability must go hand in hand, if the user does not have
control over the various operations taking place then naturally the security of
the system is also compromised.
Penetration usually
involves a change of some kind, like a new port has been opened or a new
service. The most common change you can see is that a file has changed. If you
can identify the key subsets of these files and monitor them on a daily basis,
then we will be able to detect whether any intrusion took place. Tripwire is an
open source program created to monitor the changes in a key subset of files
identified by the user and report on any changes in any of those files. When
changes made are detected, the system administrator is informed. Tripwire ‘s
principle is very simple, the system administrator identifies key files and
causes tripwire to record checksum for those files.
Conclusion
Tripwire is a reliable intrusion
detection system. It is a software that can be installed in any type of system
where damaged files are to be detected. The main attractive feature of this
system is that the software generates a report about which file have been
violated, when the file have been violated and also what in the files have been
changed.
0 comments:
Post a Comment