An example of a host-based intrusion detection system is the tripwire software. This programme scans the system's files and directories and alerts the administrator of any changes. For each file examined, it uses a secure database of cryptographic checksums and compares them as they are scanned. It must be configured with an authorised change list and a list of files and directories to examine. It can enable new entries to be added to log files, but it cannot change existing ones. What are the advantages and disadvantages of using such a tool? Think about the decision of which files should be verified and which should only be inspected seldom. Take into account the time spent setting up the application and keeping track of the outcomes.
An example of a host-based intrusion detection system is the tripwire software. This programme scans the system's files and directories and alerts the administrator of any changes. For each file examined, it uses a secure
Step by step
Solved in 3 steps