If I was to set up Tripwire on my Linux box only to monitor my operating system critical files, which files/folders would I be protecting?
Well you would have to define what "critical" means to you, however, I would at least hit these slices:
/boot
/etc
/var
Without specifics, your question is difficult to answer. There has to be some type of criteria to dictate exactly what you need to do (security policy for example). Questions like the following need to be answered before randomly securing boxes:
1) Can this box be down long enough for a rebuild?
2) Do I have the talent to get the box restored should it fail?
3) Where are my critical data/system files located?
4) What exposure does this box pose should it become compromised?
Hope this helps you.
--TH13
For extra security you may want to protect sbin and certain critical files in /etc.
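
A policy fragment covering the directories named in this thread, added here as an example and not written by any of the posters. It uses Open Source Tripwire's policy-file (twpol.txt) syntax with the predefined masks ReadOnly, Dynamic and Growing; the rule names, severities, the choice of /etc/passwd and /etc/shadow as the "critical files", and the /var/tmp stop point are assumptions.

```text
# Added example: Tripwire policy fragment (twpol.txt syntax).
# Rule names, severities and the specific /etc files are assumptions.

(
  rulename = "Boot files",
  severity = 100
)
{
  # Kernel, initrd, bootloader config: content should only change on upgrade.
  /boot        -> $(ReadOnly) ;
}

(
  rulename = "System binaries",
  severity = 100
)
{
  # ReadOnly reports content, size, mtime, ownership and permission changes.
  /sbin        -> $(ReadOnly) ;
}

(
  rulename = "Configuration",
  severity = 66
)
{
  /etc         -> $(ReadOnly) ;
}

(
  rulename = "Account files",
  severity = 100
)
{
  # Listed separately so changes to them are reported at higher severity.
  /etc/passwd  -> $(ReadOnly) ;
  /etc/shadow  -> $(ReadOnly) ;
}

(
  rulename = "Variable data",
  severity = 33
)
{
  # Dynamic: ownership and permission changes only, contents are expected to change.
  /var         -> $(Dynamic) ;
  # Growing: logs may grow, but a log that shrinks is reported.
  /var/log     -> $(Growing) ;
  # Stop point: do not scan scratch space (constructed example).
  !/var/tmp ;
}
```

After editing, the policy is compiled and signed with `twadmin --create-polfile`, the baseline is built with `tripwire --init`, and later checks run with `tripwire --check`.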