Educause Security Discussion mailing list archives
Re: Tripwire
From: Gary Dobbins <dobbins () ND EDU>
Date: Sun, 18 Sep 2005 09:01:21 -0500
We've used it for 3 years, as an after-the-fact IDS. Good supplemental layer. Offers a number of second-order benefits too, depending on the maturity of surrounding processes. Ensuring accurate and meaningful configuration (and thus keeping daily alerts down to just actual unexpected changes, while not missing important ones) is key. If mis-configured, information can be lost amidst the resultant noise. If under-configured, it's ineffective. Properly used, it can help one rest better at night. ron behrang wrote:
Hi All, Has anyone recently implemented the commercial Tripwire within their network? Enterprise Version or Tripwire for Servers and Manager... Any pitfalls, major/minor issues, difficulty of implementation, that I should know about? Any feedback would be appreciated. Thanks Ron
-- ------------------------------------------------------------ Gary Dobbins, CISSP -- Director, Information Security University of Notre Dame, Office of Information Technologies
Current thread:
- Tripwire ron behrang (Sep 15)
- <Possible follow-ups>
- Re: Tripwire Huba Leidenfrost (Sep 16)
- Re: Tripwire Gary Dobbins (Sep 18)