2002-10-24
# cd /usr/ports/tripwire # make install
II - Configuring Tripwire
Create or modify the policy file in /usr/local/etc/twpol.txt
You can use “tripwire –update-policy -Z low twpol.txt” to assist in its creation.
# twadmin --create-polfile twpol.txt # tripwire --init
You will want to put this in the crontab…
# tripwire --check --email-report
And whenever you want to update the database (after a legitimate change) use this:
# tripwire --update -r /var/db/tripwire/report/hostname-20021025-155232.twr
(replace /var/db/tripwire/report/hostname-20021025-155232.twr with the latest report file)
