Pick a Free OS

User login

Navigation

Intrusion Detection Systems for your network: Part I

"Our decision to create an open source model for our Linux product, allows us to extend our award-winning, integrity assessment capabilities across the thousands of additional Linux enterprises that are playing a key role in today's eCommerce and eBusiness markets" says W. Wyatt Starnes, President, CEO and co-founder of Tripwire, Inc.

In many ways, Tripwire, Inc.'s open sourcing of its Tripwire product is a return to its roots. With origins in academia and the fact that the source code for Tripwires Academic Source Release (ASR) has been widely available since 1992, Tripwires move to open source its significantly enhanced commercial version is perhaps less dramatic than similar moves by other companies. But one of the especially significant aspects of the Tripwire announcement is that the company is providing source code for its flagship product, as opposed to merely open sourcing older versions of outmoded or even virtually obsolete software. This backhanded open sourcing strategy, unfortunately, has been popular among some companies hoping to earn a little positive open-source karma without exposing their precious proprietary software to the powerful currents of open-source development.

Tripwire was originally developed for the Computer Operations Audit and Security Technology (COAST) at Purdue University in Indiana. Available in C source code form, Tripwire has been available commercially since January 1999. Locations for downloading the older, pre-commercial version of Tripwire include comp.sources.unix (Usenet), /pub/spaf/COAST/Tripwire (anonymous FTP) and by e-mail. The company's new moves, which it refers to as Tripwire everywhere, are to extend the software's integrity assessment beyond the operating system to encompass as much as an entire network--including databases and network devices. While only one of a number of security tools used by *NIX administrators, Tripwire is considered by many to be a significant piece of software when it comes to intrusion detection.

Tomorrow we will take a look at installing, configuring and using Tripwire.