#format wiki
#language en

Tripwire is a tool that keeps a database of information about files on the server.  It performs regular checks and reports about files that have been changed, deleted, created, or renamed.

== Configuration `/etc/tripwire` ==
 * `fyodor.hcoop.net-local.key` is a cryptographic key used to sign the database and reports
 * `site.key` is a cryptographic key used to sign the configuration and policy files
 * `tw.cfg` is a signed binary file that holds configuration information
 * `tw.pol` is a signed binary file that holds policy information
 * `twcfg.txt` is the text source of tw.cfg
 * `twpol.txt` is the text source of tw.pol

== Data `/var/lib/tripwire` ==
 * `fyodor.hcoop.net.twd` is the signed tripwire database, storing information about every monitored file
 * `reports/` holds the signed binary reports

----
CategorySystemAdministration