10Nov2008 (UTC +8) On 11/10/08, Nelson Serafica <[EMAIL PROTECTED]> wrote: > I have installed tripwire before. But it seems I need to run the tripwire > report just to see the modification of those file. But that's the open > source version and not the Enterprise Edition.
Seems to me that you might need a host-based intrusion detection system (HIDS). You can mix-and-match different stuff to make your own HIDS, with Tripwire being one of the components. For starters, check out: http://www.sans.org/resources/idfaq/host_based.php Drexx Laggui -- CISA, CISSP, CFE Associate, ISO27001 LA, CCSI, CSA http://www.laggui.com ( Singapore / Manila / California ) Computer forensics; Penetration testing; QMS & ISMS developers; K-Transfer PGP fingerprint = 6E62 A089 E3EA 1B93 BFB4 8363 FFEC 3976 FF31 8A4E _________________________________________________ Philippine Linux Users' Group (PLUG) Mailing List http://lists.linux.org.ph/mailman/listinfo/plug Searchable Archives: http://archives.free.net.ph
