Question: An example of a host-based intrusion detection tool is the tripwire program. This is a file integrity checking tool that scans files and directories on

An example of a host-based intrusion detection tool is the tripwire program. This is a file integrity checking tool that scans files and directories on the system on a regular basis and notifies the administrator of any changes. It uses a protected database of cryptographic checksums for each file checked and compares this value with that recomputed on each file as it is scanned. It must be configured with a list of files and directories to check, and what changes, if any, are permissible to each. It can allow, for example, log files to have new entries appended, but not for existing entries to be changed. What are the advantages and disadvantages of using such a tool? Consider the problem of determining which files should only change rarely, which files may change more often and how, and which change frequently and hence cannot be checked. Consider the amount of work both in the configuration of the program and on the system administrator monitoring the responses generated.

Step by Step Solution

3.45 Rating (164 Votes )

There are 3 Steps involved in it

1 Expert Approved Answer
Step: 1 Unlock

A file integrity checking tool such as tripwire can be very useful in identifying changed files or d... View full answer

blur-text-image
Question Has Been Solved by an Expert!

Get step-by-step solutions from verified subject matter experts

Step: 2 Unlock
Step: 3 Unlock

Document Format (1 attachment)

Word file Icon

765-E-T-E-C-S (607).docx

120 KBs Word File

Students Have Also Explored These Related Telecommunication Engineering Questions!

Q:

Explain the difference between anomaly intrusion detection and signature intrusion detection.

Q:

Give an example of dehydration synthesis. Give an example of a hydrolysis reaction. How are these reactions related?

Q:

An example of a pick-up nuclear reaction is 3/2He + 12/6C X + a/ (a) Why is it called a pickup reaction? (b) What is the resulting nucleus? (c) What is the Q-value of this reaction? Is the reaction...

Q:

Need help with a Networking and Computer Security Question (IFT 302 info and computer security fundatmentals) An example of a host-based intrusion detection tool is the tripwire program. This is a...

Q:

5. An example of a host-based intrusion detection tool is the tripwire program. This is a file integrity-checking tool that scans files and directories in the system on a regular basis and notifies...

Q:

An example of a host-based intrusion detection tool is the tripwire program.This is a file integrity checking tool that scans files and directories on the system on a regular basis and notifies the...

Q:

What are the advantages and disadvantages of using a file integrity checking tool (e.g., tripwire). This is a program which notifies the administrator of any changes to files on a regular basis?...

Q:

The target organization for this project is a mid-sized law firm with approximately 250 employees. The firm has one main location in Dallas Texas with several floors and multiple conference rooms, as...

Q:

I have to create a program in C and I can't figure it out. The program has to read a source file. Please help. /******************************************************************** PROJECT: Glossary...

Q:

The project is going well so far, and the analysis and discussion of the vulnerabilities was well-received. You realize that when vulnerability scanning takes place, employees need to know what the...

Q:

You purchased 100 shares of stock in an oil company, Texas Energy, Inc., at $50 per share. The company has 1 million shares outstanding. Ten days later, Texas Energy announced an investment in an oil...

Q:

Based on the following, should we buy this new digital printing system? Use the table below to plan your cash flows. Bold boxes are where #s should go. Initially cost $1 million. It will save...

Q:

Dividends is classified as a ( n ) : [ Select ] [ " Asset " , "Liability", "Common Stock", "Dividend", "Revenue", "Expense" ] , and it is increased with a: [ Select ] [ " Debit " , "Credit" ]

Q:

Outline two personality characteristics that you think are important for a successful manager to have. [4]

Q:

A model for a standard two D-cell flashlight is shown. Find the power dissipated in the lamp. 1- lamp 15 V 1.3 V

Q:

The speed reducer of Prob. 1424 is to be used for an application requiring 40 hp at 1145 rev/min. Estimate the stresses of pinion bending, gear bending, pinion wear, and gear wear and the attendant...

Q:

The gearset of Prob. 1424 needs improvement of wear capacity. Toward this end the gears are nitrided so that the grade 1 materials have hardnesses as follows: The pinion core is 250 and the pinion...

Q:

Red, Incorporated, Yellow Corporation, and Blue Company each will pay a dividend of $1.45 next year. The growth rate in dividends for all three companies is 5 percent. The required return for each...

Q:

for(int i=0;i

Q:

Here are data on two companies. The T-bill rate is 5.4% and the market risk premium is 8.3%. Company $1 Discount Store Everything $5 Forecast return 16% 15% Standard deviation of returns 26% 28% Beta...