Brandon's Notepad

July 14, 2014

Open Source Tripwire Reference

Filed under: Computer Software,Linux — Brandon @ 10:34 am
Tags: , , , , ,

Home > My Lists > Technical Notes > Tripwire > Open Source Tripwire Reference


There is a lot of reference material on the Web about Open Source Tripwire. This page includes references to the sources I’ve used to understand how the system works.


How-To Guides

Writing Policy Files

Linux Man Pages


Tripwire

Filed under: Computer Software,Linux — Brandon @ 10:29 am
Tags: , , , , ,

Short URL: http://goo.gl/dI9WgX
Home > My Lists > Technical Notes > Tripwire


Tripwire is an intrusion detection system. It monitors file systems and stores various attributes about the files for later comparison. When it detects that a monitored file has changed since the baseline scan, it alerts someone (e.g. system administrator, data security, etc.) via e-mail who can either verify that the change was authorized and update the baseline, or have the change reversed. The Open Source product is based on code provided by Tripwire Inc.. The commercial offering includes a robust reporting and security policy management built around the core product.


Open Source Tripwire Reference
How Tripwire Works In Plain English (future post)
Other Uses For Tripwire


March 1, 2010

The Mark Of The Web

Home > My Lists > Programming Notes > HTML & CSS > The Mark Of The Web


Starting with IE for XP SP2, web pages generated locally (e.g. in a temp directory) do not load properly in Internet Explorer if they include Active Content. This is a result of improved security surrounding the Local Machine Zone. Depending on your operating environment, it may not be possible or desirable to change IE’s security settings; moreover, such changes would have to be applied to all machines accessing local content. The “Mark of the Web” is a better solution.


Microsoft has implemented a new feature called the “Mark of the Web” (or MOTW for short). It is a specially-formated HTML comment that directs IE to open the page in the same security zone as the specified URL. Two valuable examples are:

<!-- saved from url=(0014)about:internet -->

and

<!-- saved from url=(0016)http://localhost -->

Under default security settings, IE is forced to open the page with the former code in the Internet Zone and a page with the latter code in the Local Intranet Zone. The number in parentheses is the number of characters in the URL.

Source: http://msdn.microsoft.com/en-us/library/ms537628(VS.85).aspx


Blog at WordPress.com.