# SLUG Mailing List Archives

## [SLUG] Re: Experiences with Tripwire?

• To: Penguinillas <slug@xxxxxxxxxxx>
• Subject: [SLUG] Re: Experiences with Tripwire?
• From: Angus Lees <gusl@xxxxxxxxxxxxxxx>
• Date: Tue Oct 31 20:54:19 2000
• User-agent: Mutt/1.0.1i

\begin{Jeff Waugh}
> So, Tripwire has been released under the GPL... http://www.tripwire.org/
> I haven't had the opportunity to play with it so far - would anyone like to
> give a quick review (based on previous versions, whatever)? Especially with
> regards to how GPLing it will enhance it...

tripwire is such a trivially simple idea that i'm extremely surprised
they thought they could base a business off it.

all it does is checksum the contents of a file and its inode and
directories. to be really fancy, it uses more than one checksum
algorithm. then you can run it again and it does a diff between the
stored hashes and the new ones.

the trickiest bit is the config file parsing, since you have fairly
fine control over what you want to checksum for each file.

its not a lot of perl code to reproduce it. see AIDE for example.

re: enhancing it

you could clean up the command line syntax, use lib{z,bz2} for the
stored hashes, etc but there isn't much point adding more
functionality to it. its supposed to be a simple tool (that can fit on