1 / 11

TRIP WIRE

TRIP WIRE. INTRUSION DETECTION SYSYTEM. Presented by C.SARITHA ( 07R91A0568). CONTENT. Basically this presentation contains, What is TripWire ? How does TripWire work? Where is TripWire used? How do you install and use TripWire ? What is the benefit of TripWire ?

audrey-brennan
Download Presentation

TRIP WIRE

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. TRIP WIRE INTRUSION DETECTION SYSYTEM Presented by C.SARITHA (07R91A0568)

  2. CONTENT Basically this presentation contains, • What is TripWire? • How does TripWire work? • Where is TripWire used? • How do you install and use TripWire? • What is the benefit of TripWire? • Final word on TripWire.

  3. What is TripWire? • Reliable intrusion detection system. • Tool that checks to see what changes have been made in your system. • Pinpoints, notifies, determines the nature, and provides information on the changes on how to manage the change. • Mainly monitors the key attributes(like binary signature, size and other related data) of your files. • Changes are compared to the established good baseline. • Security is compromised, if there is no control over the various operations taking place. • Security not only means protecting your system against various attacks but also means taking quick and decisive actions when your system is attacked.

  4. How does TripWire work?

  5. First, a baseline database is created storing the original attributes like binary values in registry. • If the host computer is intruded, the intruder changes these values to go undetected. • The TripWire software constantly checks the system logs to check if any unauthorized changes were made. • If so, then it reports to the user. • User can then undo those changes to revert the system back to the original state.

  6. Where is TripWire used? • Tripwire for Servers(TS) is software used by servers. • Can be installed on any server that needs to be monitored for any changes. • Typical servers include mail servers, web servers, firewalls, transaction server, development server. • It is also used for Host Based Intrusion Detection System(HIDS) and also for Network Intrusion Detection System(NIDS). • It is used for network devices like routers, switches, firewall, etc. • If any of these devices are tampered with, it can lead to huge losses for the Organization that supports the network.

  7. How do you install and use TripWire? • Install Tripwire and customize the policy file. • Initialize the Tripwire database. • Run a Tripwire integrity check. • Examine the Tripwire report file. • Take appropriate security measures. • Update the Tripwire database file. • Update the Tripwire policy file.

  8. What is the benefit of TripWire? • Increase security Immediately detects and pinpoints unauthorized change. • Instill Accountability Tripwire identifies and reports the sources of change. • Gain Visibility Tripwire software provides a centralized view of changes across the enterprise infrastructure and supports multiple devices from multiple vendors. • Ensure Availability Tripwire software reduces troubleshooting time, enabling rapid discovery and recovery. Enables the fastest possible restoration back to a desired, good state.

  9. Where did I get this Information? • www.tripwire.com • www.iec.com • www.itpaper.com • www.google.com (Search for Tripwire)

  10. ANY QUESTIONS ?

  11. THANK YOU FOR LISTENING PATIENTLY!

More Related