Skip to main content
USENIX
  • Conferences
  • Students
Sign in

connect with us


  •  Twitter
  •  Facebook
  •  LinkedIn
  •  Google+
  •  YouTube

twitter

Tweets by @usenix

usenix conference policies

  • Event Code of Conduct
  • Conference Network Policy
  • Statement on Environmental Responsibility Policy

You are here

Home ยป Experiences with Tripwire: The Evaluation and Writing of a Security Tool
Tweet

connect with us

Experiences with Tripwire: The Evaluation and Writing of a Security Tool

Authors: 

Gene H. Kim and Eugene H. Spafford, Purdue University

Abstract: 

Tripwire is an integrity checking program written for the Unix environment that gives system administrators the ability to monitor file systems for added, deleted, and modified files. First released in November of 1992, Tripwire has undergone several updates and is in current use at thousands of machines worldwide.

This paper begins with a brief overview of what Tripwire does and how it works. We discuss how certain implementation decisions affected the course of Tripwire development. We also present other applications that have been found for Tripwire. These unanticipated uses guided the demands of some users, and we describe how we addressed some of these demands without compromising the ability of Tripwire to serve as a useful security tool.

We also discuss the process of releasing, and then supporting, a widely available and widely used tool across the Internet, and how meeting users' high expectations affects this process. How these issues affected Tripwire, done as as an independent study by an undergraduate, is also discussed. Software tools that were used in developing and maintaining Tripwire are presented. Finally, we discuss problems that remain unresolved and some possible solutions.

Gene H. Kim, Purdue University

Eugene H. Spafford, Purdue University

BibTeX
@inproceedings {252290,
author = {Gene H. Kim and Eugene H. Spafford},
title = {Experiences with Tripwire: The Evaluation and Writing of a Security Tool},
booktitle = {USENIX 1994 UNIX Applications Development Symposium (USENIX 1994 UNIX Applications Development Symposium)},
year = {1994},
address = {Toronto, Ontario},
url = {https://www.usenix.org/conference/usenix-1994-unix-applications-development-symposium/experiences-tripwire-evaluation-and},
publisher = {USENIX Association},
month = apr,
}
Download

Links

Paper: 
http://usenix.org/publications/library/proceedings/appdev94/full_papers/kim.ps
  • Log in or    Register to post comments

© USENIX

  • Privacy Policy
  • Contact Us