后)r
TWDBHOSTNAMEtwd ←添加这一句(不对数据库进行监测)r
r
rootservertwadmi
createpolfileSetctripwiresitekeyetctripwiretwpoltxt ←从文本配置文件建立加密格式配置文件r
r
Pleasee
teryoursitepassphrase ←输入“sitekeyfile”口令(输入后不会显示)r
Wrotepolicyfileetctripwiretwpolr
r
rootserverrmfetctripwiretwcfgtxt ←为不留安全隐患,删除文本格式的配置文件r
r
注:恢复文本格式的Tripwire配置文件,可通过执行“twadmi
pri
tcfgfileetctripwiretwcfgtxt”。r
r
3建立数据库r
r
rootservertripwirei
it ←建立数据库r
r
Pleasee
teryourlocalpassphrase ←输入“localkeyfile”口令(输入后不会显示)r
Parsi
gpolicyfileetctripwiretwpolr
Ge
erati
gthedatabaser
Processi
gU
ixFileSystemr
Wrotedatabasefileusrlocallibtripwiresamplece
tospubcomtwdr
Thedatabasewassuccessfullyge
eratedr
r
运行Tripwirer
r
下面开始测试并让Tripwire开始工作。r
r
1建立Tripwire运行脚本:r
r
rootservervitripwirecheck ←建立Tripwire运行脚本r
r
bi
bashr
r
PATHusrlocalsbi
usrbi
bi
r
SITEPASSSiteKeyPassphrase ←将星号部分换为SiteKeyfile的口令r
LOCALPASSLocalKeyPassphrase ←将星号部分换为LocalKeyfile的口令r
REPORTFILEusrlocallibtripwirereporthost
amedateYmdtwrr
r
Ru
theTripwirer
tripwirecheckr