[root@dg1 ~]# cat /etc/redhat-release red hat enterprise linux as release 4 (nahant update 6)
[root@dg1 ~]# tar jxvf tripwire-2.4.1.2-x86-bin.tar.bz2
[root@dg1 ~]# cd tripwire-2.4.1.2-x86-bin
[root@dg1 ~]# cp bin/* /usr/sbin/ [root@dg1 ~]# cp man/man8/*.* /usr/share/man/man8/
[root@dg1 ~]# mkdir /etc/tripwire [root@dg1 ~]# cp policy/twpol-linux.txt /etc/tripwire/twpol.txt [root@dg1 ~]# cp policy/policyguide.txt /etc/tripwire/ [root@dg1 ~]# mkdir -p /var/lib/tripwire/report [root@dg1 ~]# [root@dg1 ~]# /usr/sbin/twadmin -m g -s /etc/tripwire/site.key /usr/sbin/twadmin: error while loading shared libraries: libcrypto.so.0.9.8: cannot open
shared object file: no such file or directory [root@dg1 ~]# find / -name libcrypto.so* /usr/lib/libcrypto.so /lib/libcrypto.so.4 /lib/libcrypto.so.0.9.6b /lib/libcrypto.so.0.9.7a /lib/libcrypto.so.2 [root@dg1 ~]# ln -s /usr/lib/libcrypto.so /usr/lib/libcrypto.so.0.9.8 [root@dg1 ~]# /usr/sbin/twadmin -m g -s /etc/tripwire/site.key [root@dg1 ~]# /usr/sbin/twadmin -m g -l /etc/tripwire/`hostname`-local.key
[root@dg1 ~]# vi /etc/tripwire/twpol.txt root=/usr/sbin polfile=/etc/tripwire/tw.pol dbfile=/var/lib/tripwire/$(hostname).twd reportfile=/var/lib/tripwire/report/$(hostname)-$(date).twr sitekeyfile=/etc/tripwire/site.key localkeyfile=/etc/tripwire/$(hostname)-local.key editor=/bin/vi lateprompting=false loosedirectorychecking=true mailnoviolations=true emailreportlevel=3 reportlevel=4 mailmethod=sendmail syslogreporting=true mailprogram==/usr/sbin/sendmail -oi -t
[root@dg1 ~]# /usr/sbin/twadmin -m g -s /etc/tripwire/site.key [root@dg1 ~]# /usr/sbin/twadmin -m g -l /etc/tripwire/`hostname`-local.key
[root@dg1 ~]# vi /etc/tripwire/twcfg.txt @@section global twroot="/usr/sbin"; twbin="/usr/sbin"; twpol="/etc/tripwire"; twdb="/var/lib/tripwire"; twskey="/etc/tripwire"; twlkey="/etc/tripwire"; twreport="/var/lib/tripwire/report";
[root@dg1 ~]# service sendmail start
[root@dg1 ~]# /usr/sbin/twadmin -m f -c /etc/tripwire/tw.cfg -s /etc/tripwire/site.key
/etc/tripwire/twcfg.txt
[root@dg1 ~]# vi /etc/tripwire/twpolmake.pl
$polfile=$argv[0]; open(pol,"$polfile") or die "open error: $polfile" ; my($myhost,$thost) ; my($sharp,$tpath,$cond) ; my($inrule) = 0 ; while () } elsif ( /^ elsif ( /^}/ ) elsif ($inrule == 1 and ($sharp,$tpath,$cond) = /^(/s*/#?/s*)(///s+)/b(/s+->/s+.+)$/) if (! -s $tpath) else } print "$_/n" ; }
close(pol) ;
[root@dg1 ~]# perl /etc/tripwire/twpolmake.pl /etc/tripwire/twpol.txt >
/etc/tripwire/twpol.txt.new
[root@dg1 ~]# /usr/sbin/twadmin -m p -c /etc/tripwire/tw.cfg -p /etc/tripwire/tw.pol -s /etc/tripwire/site.key /etc/tripwire/twpol.txt.new
[root@dg1 ~]# rm -f /etc/tripwire/twpol.txt
--初始化 [root@dg1 ~]# /usr/sbin/tripwire -m i -s -c /etc/tripwire/tw.cfg
--檢查
[root@dg1 ~]# /usr/sbin/tripwire -m c -s -c /etc/tripwire/tw.cfg
--系統設為自動檢查
[root@dg1 ~]# vi tripwire.sh #!/bin/bash path=/usr/sbin:/usr/bin:/bin localpass=******xx sitepass=******xx
cd /etc/tripwire
tripwire -m c -s -c tw.cfg | mail -s "tripwire(r)integrity check report in `hostname`" root
twadmin -m p -ctw.cfg -p tw.pol -s site.key > twpol.txt perl twpolmake.pl twpol.txt > twpol.txt.new twadmin -m p -c tw.cfg -p tw.pol -s site.key -q $sitepass twpol.txt.new > /dev/null
rm -f twpol.txt* rm -f *.bak rm -f /var/lib/tripwire/*.twd* tripwire -m i -s -c tw.cfg -p $localpass
## chmod 700 tripwire.sh # crontab -e 00 03 * * * /root/tripwire.sh
DNS在RHEL4上的配置方法
網域名稱 www.test.com ip 192.168.0.90 假設機器在沒有安裝dns 的情況下配置的。在rhel4 上配置dns 步驟如下 2 放到乙個共同目錄下 tar xfz bind 9.3.1rc1.tar.gz cd bind 9.3.0rc4 configure prefix u...
RHEL 4 效能優化 詳述
一 前言 本文件針對oop8生產環境,具體優化策略需要根據實際情況進行調整 本文件將在以下幾個方面來闡述如何針對 redhat enterprise linux進行效能優化。1 linux proc檔案系統,通過對proc檔案系統進行調整,達到效能優化的目的。2 linux效能診斷工具,介紹如何使用...
RHEL4下安裝QT相關軟體過程
這幾天時間在學習qt,要學習這門技術,就要先要把該軟體在linux環境下建立起來,當然,qt這個軟體並不只是在linux平台才可以的。同事有裝好的qt的虛擬機器,系統是ubantu的,因為我更習慣用紅帽,所以決定自己從頭開始在rhel4.0的平台上安裝這個軟體。經過一番艱苦的探索終於完成了qt及qt...