Linux – Installing Tripwire IDS (Intrusion Detection System)

An IDS (intrusion detection system) is a software application that monitors your system for malicious activity and reports it to the administrator. Security is a big issue for any Linux administrator, so today we are going to discuss how you can install Tripwire IDS on Linux. Tripwire is a popular open-source Linux intrusion detection system that runs on a system, checks whether any of the files have been modified or changed inauthentically, and alerts the administrator. If the administrator finds the changes authentic, they can accept them by updating the Tripwire database.

This tutorial uses Kali Linux, which is a Debian-based distro. In Ubuntu and Debian, Tripwire is part of the default repositories, so we can install it directly using commands in the terminal.

Steps to Install

On Ubuntu/Debian, first update the system's package lists by typing:

sudo apt-get update 

And after that install Tripwire by typing the command:

sudo apt install tripwire

Select Ok on the screen about the passphrase for the first of the pair of keys:

Select Yes to create the site key passphrase:

Then select Ok on the screen about the passphrase for the second of the pair of keys:

Then select Yes to create the local key passphrase:

Then select Ok:

Then select Yes for rebuilding Tripwire:

Then select Ok:

Then select OK:

Now enter a site-key passphrase. Make sure you remember it, as it will be needed later.

Click Ok

Now repeat the passphrase you just entered:

Click Ok

Now enter a local-key passphrase. Make sure you remember it.

Click Ok

Now repeat the passphrase you just entered:

Click Ok

And finally, your Tripwire IDS is installed successfully:

Click Ok

The following command lists all the options of the tripwire check command:

tripwire --check --help