The Trouble With Tripwire: Making a Valuable Security Tool More Efficient
Source: SecurityFocus - Posted by Derrick Lewis   
Intrusion Detection If an attack against a system is detected, how can it be determined that a system has actually been compromised and important files removed or altered? One answer is to always run Tripwire. Unfortunately, due to the volume and frequency of . . . If an attack against a system is detected, how can it be determined that a system has actually been compromised and important files removed or altered? One answer is to always run Tripwire. Unfortunately, due to the volume and frequency of reports that it generates, Tripwire can be a labor time-sink. Given that running Tripwire may be a security necessity, it would be beneficial to do so as efficiently as possible. This paper will focus on ways to reduce the time and labor required to effectively operate run the Tripwire security and configuration monitoring tool.

Read this full article at SecurityFocus

Only registered users can write comments.
Please login or register.

Powered by AkoComment!