Host intrusion monitoring
Created: 18 Sep 2012 | 3 comments
I am fine tuning a Tripwire installation and want to see if anyone out there has any recommendations on what files, logs, etc, you might monitor for tampering? At present I have a combination of files, logs, etc, that are monitored, however, I'd like to know if anyone has other recommendations
Discussion Filed Under:
Comments 3 Comments • Jump to latest comment
The Trouble With Tripwire
http://www.symantec.com/connect/articles/trouble-tripwire
Thanks In Advance
Ashish Sharma
SEPM Knowledgebase Documents
I had read this once before, what about Windows side?
SAM and HOSTS file.
SEP Knowledge Base
Endpoint SWAT
Would you like to reply?
Login or Register to post your comment.