Debian Installation :: New Takeover Installation With Tripwire?

Feb 26, 2011

planning a takeover installation of Debian stable (Squeeze) on an old desktop machine. I have the installation CD #1. I want to install Tripwire early in the process as recommended by Tripwire documentation.

The Debian reference is excellent, as is the latest installation guide I have seen, but neither appear to cover the issue of how to ensure that Tripwire is installed, configured, and first snapshot taken early in the installation process.link to up-to-date document discussing this in the context of Debian Squeeze?

View 14 Replies


ADVERTISEMENT

Debian Installation :: USB Installation Fails To Find An Installation Iso Image

Aug 15, 2010

I have installed Debian maybe 30 times over the years since about 2003, stable, testing and Sid on two different desktops and two different laptops. The only problem I have ever had is sometimes with a flaky daily build. It is one of my favorite distros.

BUT, I am totally frustrated is trying to install to a USB. I have followed the manual step by step about 6 times in the past two weeks. The result is always the same. The installation fails to find an installation iso image. Yes, I know the iso image and the hd-media vmlinuz and initrd.gz files are supposed to be the same version.

File: debian-testing-i386-netinst.iso from: [url]

Files: vmlinuz and initrd.gz from: [url]

The USB boots to a Language selection screen and proceeds through the Keyboard selection screen with no problems.

The next step which searches for an installation iso image fails.

Skipping that step and trying to load installer components from iso image also fails.

Searching the entire PC for an installation iso image also fails. (I even copied the netinst iso image to the HD root directory.)

View 6 Replies View Related

Ubuntu :: How To Install The Tripwire

Jul 2, 2010

I'm trying to install Tripwire, but everytime I run the apt-get command, I receive an error.

How do I fix this and get Tripwire installed?

EDIT: I'm getting the same error trying to install updates. I've never seen this error before and am not sure what could be causing this.

View 1 Replies View Related

Red Hat :: How To Copy Tripwire From Rh9 Install

May 17, 2010

Can someone please tell me how to copy tripwire from my rh9 install and tranfer it to Fedora Core 5??

View 3 Replies View Related

Ubuntu Security :: Install Tripwire On Computer?

May 1, 2011

I am going to try to install Tripwire on my computer. I do not know why or how to configure Tripwire policy and configuration files.

View 1 Replies View Related

Security :: Tripwire Initial Configuration - New Policy - P

Jul 29, 2009

I have just installed tripwire. I have created a baseline db using the default policy file. Then I checked the output of the db to see what I did not have on my filesystem that db was searching for (according to the default policy when tripwire was installed), I then changed my default clear text policy file accordingly and used twadmin to generate a new tw.pol file.

Next I come grinding to a halt after this (assuming the next thing is to update the policy in tripwire right? )

Code:

View 2 Replies View Related

Software :: Excluding Directories And Files In Tripwire?

Jul 12, 2010

I have tripwire 2.4.1 up and running on one of our servers, and I am now in the process of configuring it to exclude some files and/or directories that are known to change periodically between integrity checks.

I did some reading on the subject, and one file that came up was the tw.config file. However, when I did a search for the file, there was no instance of it on the server. My next thought was to modify the tw.pol file, and I did try to list some files to be excluded. However, when I tried to update the policy, I got an error message which indicated the syntax that I entered within the tw.pol file was incorrect.

If the tw.config file does not exist, can I create it, and modify the tw.pol file to indicate where the file is located on the server?

View 1 Replies View Related

Debian Installation :: Frequent Hanging After Installation Of Debian Squeeze

Apr 15, 2011

I have and old PC and for last years i had Debian Lenny on that and it was working great but after the Squeeze release, i downloaded the first CD image and did a fresh installation but after this it boots up with no problem (i must say since in Squeeze installation the option of creating a floppy diskette was not working properly i use SuperGrubDisk2 to boot the Debian), but few seconds after logging in, the system hangs (or maybe only the X11 since i use a historic nVidia TNT2 Riva graphic card!).

View 3 Replies View Related

Security :: Periodic Update Of Tripwire Policy File?

Jul 1, 2010

I have tripwire 2.4.1.2 running on one of our servers on a daily basis, and I was curious to know if it is good practice to periodically update the policy file. The reason for my asking that is while the daily reports that I get indicate there have been changes to files on a daily basis, there are also files that have not been modified for over a month. My thinking is an update of the policy file will establish an updated baseline, and those files that have not been changed for so long will not be reported on until they get changed again.

View 1 Replies View Related

Security :: Shell Login Tripwire - Optimal Place?

Jul 11, 2010

I have disabled root login in my remote shell and I have a pretty strong password. I am not happy though. I want to increase security. I've been thinking about installing some basic tripwire rig, like say, send myself an email every time I (or anyone) log in. My questions:

- What kind of data would be useful to be sent in that email? Anything else besides "user so-and-so logged in at {date and time}"?

- How would I achieve that? Is it enough to include it in .tcshrc (because my shell is tcsh)? Should I add it to other shells as well (.bashrc, .csh etc.) even though nobody uses the other shells? Is it better placed in some other file, like .login? What is the optimal place?

- Would that be enough? Can I make that whole idea more secure in any way?

View 11 Replies View Related

Fedora Security :: Tripwire Revealed File Size Differences?

May 14, 2009

Recently I decided to utilize an IDS system. So I installed Open Source Tripwire. Not that I am too worried about anyone gaining a successful foothold on my system. But I wanted to learn and experience this IDS system. And no, this is not a new server install but I have never seen anything that resembles illegal activity. My server is an installed CentOS 5.3 with SELinux in targeted mode.

Tripwire has brought to light some interesting things. Installation states to verify rpm packages using rpm -Va. I have found that many of my system binaries are not the same size as if I were to replace them via yum. Most of the binaries are like twice the size compared to a newly installed package, of the same version. I'm not sure what to make of this. These programs are the original installs (CentOS 5.1) and I keep the system up to date regularly via yum.

I wonder if perhaps these system files installed are perhaps different then individual package size installed via yum? I have a hard time believing this as a package is a package. The only other possibility that comes to mind is that nearly my entire system has been hacked with new system files, and in a way that has revealed and suggest nothing. I find that far fetched as I have run this server for some time now and I should think I would know a problem as not a morning goes by that I haven't review my logs, as they are emailed to me. Thoughts about the difference in file sizes? Those installed via CentOS DVD verses those installed via yum?

View 3 Replies View Related

Software :: Tripwire Reports Huge In Size / Reduce / Prune Them?

Jan 21, 2009

I have been asked to investigate some of our servers that run tripwire 2.3.0 on Red Hat Linux Advanced Server release 2.1AS (Pensacola)

We have the reports emailed to us using cron and twprint -m r -r report -t 4, it has been growing steadily and today it was 9mb It seems the database records go back to before 2004 and are being compared against today's files.

I really need to be informed what needs to be done to tripwire to keep it serviced through cron. I have tried to google this but could not find any information that seemed to answer my questions.

Looking at the following guide url step 6 talks about "Updating the Database after an Integrity Check" using

Code:
# tripwire --update --twrfile /var/lib/tripwire/report/<name>.twr Should I be using this command or should I be re-creating the db every month or so and using the #tripwire -init?

Extract from report -

Quote:

-------------------------------------------------------------------------------
Section: Unix File System
-------------------------------------------------------------------------------

Rule Name Severity Level Added Removed
Modified
--------- -------------- ----- ------- --------
Invariant Directories 66 0 0 0
code....

I need to understand how to change the expected to the observed so the db will be up to date.

I would also like some of the rules explained:What does removed and added mean? Is it removed as it has not changed and added if it finds a new one that has?

Code:

-------------------------------------------------------------------------------
Rule Name: System boot changes (/lib/modules)
Severity Level: 100
-------------------------------------------------------------------------------
----------------------------------------
Added Objects: 3075
----------------------------------------
code....

View 1 Replies View Related

Red Hat :: Rhel 4.8 - Nc: Connecting - Cannot Get The Tripwire Server To Talk To The Agent On The Red Hat Machine

Dec 7, 2010

I have tripwire enterprise (not open source) agent running on one of my rhel4.8 web servers (I have actually tried with two servers with same results). The agent is a simple install rpm bin file and appears to be running as it should and the server for tripwire enterprise is set up accordingly. A windows tripwire enterprise agent is also on a windows machine that works perfectly well. But I cannot seem to get the tripwire server to talk to the agent on the red hat machine.

I can connect to port 9898 on the server, but the agent who also talks over the same port doesn't appear to be responding to the server on this port. There are no iptables set up to block the requests, there is no firewall set up (disabled) . Network team can see the packet requests being sent over the routers fine... So can't see why there would be a problem. So i reverted to the use of net cat.

Nc -l 9898 (on the agent machine)
Telnet <agent> 9898

But I get connection refused. Is there anything I could be missing here? Redhat is not my Linux of preference and it may be something obvious!

View 4 Replies View Related

Debian Installation :: Netinst - Fresh Installation Of Lenny Or Squeeze (either Or) And Not Install Exim?

Feb 26, 2010

I haven't used Debian in 1 year or so and would like to know if there is any possible way to do a fresh installation of Debian Lenny or Squeeze (either or) and not install Exim? I get to the package selection section of the Debian Installer and I de-select "Desktop Environment" & "Standard System" so nothing is selected and it still be default installs Exim. Is there a way to omit this from the install?

View 9 Replies View Related

Debian Installation :: Samsung Netbook N310 Dual-boot Installation (lenny + Xp)?

Nov 7, 2010

I recently bought a new Samsung netbook N310 and want to install dual-boot Debian lenny along with windows xp home edition. My CPU is like this: Intel Atom CPU N270 1.6GHz which architectures and kernels I should download from the cd installation? there are so many:alpha, amd64, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390, and sparc.

View 4 Replies View Related

Debian Installation :: Installation Failed On Mobo Gigabyte G41M-ES2H?

Aug 1, 2010

explain the following issue I have with Debian IA 64:I tried on a PC (Mobo Gigabyte G41M-ES2H, core 2 duo, 4 GB RAM DDR2) the live CD of Debian Lenny IA64 and everything worked just fine, which was a very good thing because none of all other major ia64/i386 distros of Linux (Mandrake, ubuntu, fedora) did so. In a nutshell it seems that the IGP G41 chipset is the cause of these setup failure (Everything is OK when using a PCI-e graphic card that I need in another computer)rd as someone (viewtopic.php?=17&t=49186&p=282839&hilit=G41M+ES2H#p282839) successfully installed Lenny on a very similar mobo. To go to the point what I do not understand is when I launch the iso Cd to now install the same version of Debian, everything freezes at the very beginning of the boot and the screen goes blank.

View 4 Replies View Related

Debian Installation :: Remove Installation Menu From Windows Boot Manager ?

Aug 1, 2011

I've finished the installation of Debian Squeeze using Installer loader from Windows. But the Installer menu is still appear on Windows Boot Manager.

I've try to uninstall the "Installer Loader" from Windows and I got an error message about BCDEDIT (if I'm not wrong), during uninstallation process.

I ignore it, and continue the uninstallation process until complete. But, After I reboot my computer, the Installer menu is still appear on Windows Boot Manager.

I'm using Windows Vista Business SP2.

View 4 Replies View Related

Ubuntu Installation :: Only Get 1/2 Screen After Installation, And Force Back To Debian Squeeze?

Jul 6, 2010

My laptop is Toshiba Portege 2000. Every time after I installed new ubuntu release, I have to replace the xorg.conf to fix the resolution problem b/c I got 800 x 600 screen only. However, after the 10.04 installation. I only got 1/2 of the screen of resolution. I cannot even see most of my terminal screen.

View 2 Replies View Related

Debian Installation :: Install Grub On Master Bootloader / If Installation Is Going On Separate Hard Drive?

Feb 5, 2010

I am helping my pal to get into Debian (yes first timer).He is running W7 on a 500G SATA HDD and he has another 250G SATA HDD that he wants Debian to go to.Will Debian install grub on the master bootloader even if the installation is going on a separate hard drive?I have dual boot before but on the same hard drive.

View 6 Replies View Related

Debian Installation :: NVIDIA Quadro NVS 295 - Make Sure During Installation That GRUB Gets Configured To Stay In Character Mode Only?

Mar 2, 2011

I am trying to get Debian 6 to work on an hp Z400 - the problem is that it came with a NVIDIA Quadro NVS 295 graphics card; there may be a driver for Linux, but it doesn't matter, because GRUB insists on switching to some sort of graphics mode and the screen just blanks and switches itself off. Is there any way to make sure during installation that GRUB gets configured to stay in character mode only?

View 6 Replies View Related

Debian Installation :: Can't Boot After Installation Due To Video Card / Partitions?

Dec 22, 2014

After a fresh install of 7.7.0 (amd64), I'm unable to boot into Debian. I get the following error constantly when booting in recovery mode:

(snip) [drm] nouveau (snip) PMC - unhandled INTR 0x44000000

A bit of Googling seems to indicate that this is due to my video card (Geforce GTX 750Ti). Unfortunately, my motherboard doesn't have any monitor ports, so I'm forced to use a video card in order to use a monitor. Something I didn't foresee being an issue, but what can you do. How should I resolve this? Is there an ISO that has the (presumably non-free) drivers included? A way I can add the drivers during boot (I am able to boot into my Windows partition by changing the boot order, don't know if I can do anything useful from here)? Or do I have to do something crazy like buy/borrow an older video card just so I can properly boot into Debian, and then install the drivers?

I've got a secondary problem: GRUB has my Debian install as the only option, even though I had Windows 8.1 installed first. I don't know if this is related to the problem above, or it's a known problem with newer versions of Debian and/or Windows (and I have to update the menu.lst or whatever myself), or if it's due to the way I set up partitions. My current setup is:

SSD:
- Windows boot partition
- Windows main partition
- Debian / partition
- Debian swap partition
HDD:
- Debian EFI partition
- Debian /home partition
- Unallocated space (will eventually be a NTFS partition for shared storage)

This is the first time I'm using a motherboard with EFI/UEFI. It's also the first time I have an OS taking up partitions on multiple physical devices. I don't know if either is the cause of GRUB not detecting Windows.

View 2 Replies View Related

Debian Installation :: GRUB Installation On MBR Fails To Complete

May 10, 2013

I have downloaded the Wheezy DVD 1 and started the istallation process. The installation time is strangely very short in respect to the Squeeze release, anyway

The GRUB installation step fails. I terminated the installation without a bootloader and rebooted from DVD with the rescue boot option.

Now I asked for a console to try to manually install the bootloader but the following command:

# grub-install /dev/sda1
[where sda1 is my root partition]

gets the following message:

/bin/sh: grub-install: not found

What can I do?

View 14 Replies View Related

Debian Installation :: Don't Want To Partition Disks But Installation Insists

Oct 1, 2014

I'm creating a new debian virtual machine. As virtual disks are free, I want to use tree for my new machine. The scheme will be like this:

sda -> /boot
sdb -> /root
sdc -> swap

View 8 Replies View Related

Debian Installation :: ALX 10a1 Installation Without Network Connection

Oct 28, 2014

Currently my new server pc (Mobo - ASRock H97M-ITX/AC) is not connecting to the network and it seems to be due to the network card alx drivers. I have downloaded the compat drivers and backports associated with the issue in other posts and on other forums but haven't been able to get it running.

When I install a usb drive of any type to try and transfer the drivers over I get the messages "443.057769 sd 7:0:0:0: [sdb] Assuming drive cache: write though" & "443.057769 sd 7:0:0:0: [sdb] No Caching mode page found".

I have been looking around these forums and google for the past week or so and have tried re-installing and alternative hardware etc. with no luck.

View 3 Replies View Related

Debian Installation :: Debootstrap Installation On Btrfs Subvolumes

Sep 7, 2015

So I have installed Debian through debootstrap and it seemed to go off without a hitch, the problem came problem came about during the boot process. I am dual-booting with Arch and use Systemd-boot as my bootloader... it finds the kernal and initrd and starts to boot but I run into this problem where it gets to the options part for root and doesn't mount. have done this very same installation on virtualbox with ext4 filesystem and it worked without a hitch.. I know it has something to do with the btrfs subvolumes I'm so new to Debian I haven't made it past this installation process..

here is my lsblk
Code: Select all   
sda        8:0      0    /My_Files
sdb        8:32    0    /home
sdc        8:48    0     

[code]....

I have installed btrfs-tools and I don't know what the following means... It seems to do the first two fine, vmlinuz and initrd.img but it doesn't find my root because maybe it doesn't recognize the 'rootflags' tag? or Debian doesn't automatically deal with btrfs-subvolumes nicely?

Code:

Select allBegin: checking root file system . . . fsck from util-linux 2.25.2
/sbin/fsck.btrfs: BTRFS file system
mount: mounting PARTUUID=................................................................ on /root failed
Target filesystem doesn't have requested /sbin/init

View 14 Replies View Related

Debian Installation :: Grub Installation To NVMe Device

Nov 4, 2015

I'm attempting to install Debian to an NVMe SSD (Samsung 950 Pro), however both Jessie and Stretch images fail to install grub.

Checking the syslog reveals the following error:
grub-probe: error: failed to get canonical path of /dev/nvme0n1p5

Further Information:
Fast-boot is disabled in the UEFI, and boot mode is set to UEFI only, no CSM. I do not see any option for 'Secure Boot' if it's relevant to the issue.Windows 10 has already been installed, which created several partitions. The ESP/EFI partition appears to be on nvme0n1p2I only created one partition for Debian - / on nvme0n1p5, no separate partitions for /boot, /home etc.

View 3 Replies View Related

Debian Installation :: Squeeze - Installation Has Stopped Completely At

Jul 30, 2010

Trying to install squeeze again and everything has gone ok including network connection & partitioning & retrieved 916 packages from mirror.

But now installation has stopped completely at: Configuring ca-certificates

And will not proceed further.

View 3 Replies View Related

Debian Installation :: Create An Encrypted Partition During Installation?

Jul 30, 2010

Installing Debian on a new laptop and read that Debian-Installer (DI) can create an encrypted partition (/home) during installation.However, when I went through installation and started the manual partitioning (standard, non-lvm) , I am unable to locate the encryption option.

View 8 Replies View Related

Debian Installation :: Standard System During Package Installation

Sep 12, 2010

When you get to the package installation you get by default:

Desktop Environment
Standard System

Which i disable for my minimal installation.Out of curiosity, can somebody tell me what is installed with the Standard System?

View 3 Replies View Related

Debian Installation :: Skip Undetected Hardware During Installation

Oct 31, 2010

I'm new here especially in Debian . A couple days ago i was try to install stable release of debian lenny. But it's unsuccessful because my network adapter isn't detected or debian can't find a correct driver for it.Is there any way to skip that kind of stuff? It's mean that because i'm not using the network adapter either ( I'm using broadband connection USB ). And the CD 1 is contained gnome already right?

View 14 Replies View Related







Copyrights 2005-15 www.BigResource.com, All rights reserved