How to Install Tripwire IDS (Intrusion Detection System) on Linux


Tripwire is a popular Intrusion Detection System (IDS) for Linux that runs on a system in order to detect whether unauthorized filesystem changes have occurred over time.

On CentOS and RHEL distributions, tripwire is not part of the official repositories. However, the tripwire package can be installed from the EPEL repositories.

To begin, first install the EPEL repository on your CentOS or RHEL system by issuing the command below.

# yum install epel-release

After you have installed the EPEL repository, make sure you update the system with the following command.

# yum update

After the update process finishes, install the Tripwire IDS software by executing the command below.

# yum install tripwire

Fortunately, Tripwire is part of the Ubuntu and Debian repositories and can be installed with the following commands.

$ sudo apt update
$ sudo apt install tripwire

On Ubuntu and Debian, the tripwire installation will ask you to choose and confirm a passphrase for the site key and for the local key. Tripwire uses these keys to secure its configuration files.

On CentOS and RHEL, you need to create the tripwire keys with the command below and supply a passphrase for the site key and for the local key.

# tripwire-setup-keyfiles

In order to validate your system, you need to initialize the Tripwire database with the following command. Because the database has not been initialized yet, tripwire will display many false-positive warnings.

# tripwire --init

Finally, generate a tripwire system report in order to check the configuration by issuing the commands below. Use the --help switch to list all options of the tripwire check command.

# tripwire --check --help
# tripwire --check

After the tripwire check command completes, review the report by opening the file with the .twr extension from the /var/lib/tripwire/report/ directory with your favorite text editor, but before that you need to convert it to a text file.

# twprint --print-report --twrfile /var/lib/tripwire/report/tecmint-20170727-235255.twr > report.txt
# vi report.txt
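
The check and conversion steps above can be combined into one script suitable for a scheduled job. This is an added example, not code from the original article: the function names, the --run switch and OUT_DIR are hypothetical, and the exit-status decoding follows the bit mask documented in tripwire(8).

```shell
#!/bin/sh
# Added example (not from the original article): check, then convert the newest report.
REPORT_DIR="${REPORT_DIR:-/var/lib/tripwire/report}"  # report directory used on this page
OUT_DIR="${OUT_DIR:-/root}"                           # assumption: where text reports go

# Print the most recently modified .twr file in directory $1; return 1 if none.
newest_twr() {
    newest=""
    for f in "$1"/*.twr; do
        [ -f "$f" ] || continue                 # unmatched glob stays literal
        if [ -z "$newest" ] || [ "$f" -nt "$newest" ]; then
            newest="$f"
        fi
    done
    [ -n "$newest" ] || return 1
    printf '%s\n' "$newest"
}

# Decode the exit status of "tripwire --check". Per tripwire(8) it is a bit mask:
# 1 = files added, 2 = files removed, 4 = files modified, 8 or greater = error.
describe_status() {
    s=$1
    if [ "$s" -eq 0 ]; then echo "clean"; return 0; fi
    if [ "$s" -ge 8 ]; then echo "error"; return 0; fi
    out=""
    if [ $((s & 1)) -ne 0 ]; then out="$out added"; fi
    if [ $((s & 2)) -ne 0 ]; then out="$out removed"; fi
    if [ $((s & 4)) -ne 0 ]; then out="$out modified"; fi
    echo "${out# }"
}

# Run only when called with --run (hypothetical switch), e.g. from root's crontab.
if [ "${1:-}" = "--run" ]; then
    umask 077                                   # reports list the monitored files
    status=0
    tripwire --check >/dev/null || status=$?
    echo "tripwire --check: $(describe_status "$status") (exit $status)"
    twr=$(newest_twr "$REPORT_DIR") || { echo "no .twr in $REPORT_DIR" >&2; exit 8; }
    txt="$OUT_DIR/$(basename "$twr" .twr).txt"
    twprint --print-report --twrfile "$twr" > "$txt"
    echo "text report: $txt"
    exit "$status"
fi
```

The script exits with tripwire's own status, so a scheduler or monitoring agent can alert on any non-zero result.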

That's all! You have successfully installed Tripwire on your Linux server. I hope you can now easily configure your Tripwire IDS.