good practice. The consistent use of tools like Tripwire ASR will report discrepancies found

in operating system software. Security Tools To ensure and maintain the integrity of the network servers, it is important to constantly monitor them for signs of malicious activity. There are a number of tools that can aid an administrator in this task. Two of these tools that are commonly implemented are Tripwire ASR and TCP Wrappers. Tripwire ASR Tripwire monitors the permissions and checksums of important system files to detect if they have been replaced or corrupted. When first installed, Tripwire ASR calculates a baseline set of checksums for the files to be monitored. A cron job can be configured to calculate the checksums of the selected files and compare them against the saved baseline on a regular basis. Tripwire ASR can be configured to send an alert to the administrator should any file’s recomputed checksum fail to match its baseline, indicating that the file has been altered. TCP Wrappers TCP wrappers allows the administrator to log connections to TCP services -- primarily those launched by the inet daemon. It also can restrict incoming connections to these services from systems via two files, hosts.allow and hosts.deny. Both of these features can be very useful when tracking or controlling unwanted network connection attempts.
Next topic
Previous topic