• Create BookmarkCreate Bookmark
  • Create Note or TagCreate Note or Tag
  • PrintPrint

Intrusion Detection

In the previous section, you saw some basic methods you can use for securing your machine, including the use of TCP Wrappers. Additionally, we saw that OS X comes with a firewall package, ipfw, which can be used for further securing your machine. In this section, we will look at a couple intrusion detection tools that you can install to further secure your machine, and discuss detecting and reacting to a break-in.

Tripwire

Tripwire is a utility that monitors the integrity of important files or directories. It stores information in a database about files and directories that you have specified. You can then use Tripwire to check whether there have been any changes to your files. It checks the current state of the files against the information in its database. The academic source release of Tripwire 1.3.1 is available from http://www.tripwire.com/. Tripwire Security Systems also has a commercial version of Tripwire, but it might not be available for OS X.


PREVIEW

                                                                          

Not a subscriber?

Start A Free Trial


  
  • Creative Edge
  • Create BookmarkCreate Bookmark
  • Create Note or TagCreate Note or Tag
  • PrintPrint