Linux – Installing Tripwire IDS (Intrusion Detection System)
IDS(Intrusion detection system) is a software application that monitors your system and checks whether any malicious activity is found or not and reports that to the administrator. Security is a big issue for any Linux administrator, so today we are going to discuss how you can install Tripwire IDS on Linux, Tripwire is a popular open-source Linux Intrusion Detection System (IDS) that runs on systems to check if any of the files have modified or changed in authentically and alert that to the administrator, if the administrator finds the changes authentic, they can accept the changes by updating Tripwire database.
In the following tutorial, here using Kali Linux which is a Debian-based distro, and in Ubuntu and Debian, Tripwire is a part of the default repositories, so we can install Tripwire directly using commands in the terminal.
Steps to Install
On Ubuntu/Debian first, we have to update the system by typing
sudo apt-get update
And after that install Tripwire by typing the command:
sudo apt install tripwire
Select on Ok:
Select yes for creating site key passphrases.
Then select Ok
Then Select Yes for creating a local key passphrase:
Then select Ok:
Then select Yes for Rebuilding Tripwire:
Then select Ok:
Then select OK:
Now Enter a site-key passphrase. Make sure you remember it as it will be needed later.
Now again repeat the passphrase you just wrote:
Now Enter a local-key passphrase. Make sure you remember it.
Now again repeat the passphrase you just wrote:
And finally, Your Tripwire IDS is installed successfully:
tripwire –check –help will list all the tripwire check commands option
Contact Us