It is recommended for better security that the database tw.db_[hostname] file of Tripwire be moved someplace e.g. floppy, where it cannot be modified. This is important
because data from Tripwire is only as trustworthy as its database.
It is also recommend that you make a hardcopy printout of the database contents right away. In the event that you become suspicious of the integrity of the database, you will be able to manually compare
information against this hardcopy.
For more details, Further documentation, there are several man pages you can read:
- signature generation routine for Tripwire
- a file integrity checker for UNIX systems
- configuration file for Tripwire
The commands listed in the next section are some that we use often in regular use, but many more exist. Check the man pages for more details.