Tripwire: Notifikasi e-mail
Revision as of 07:28, 25 January 2011 by Onnowpurbo (talk | contribs)
Kita dapat melaporkan kejadian menggunakan tripwire dan ini harus ditulis pada file Tripwire
/etc/tripwire/twpol.txt
contoh e-mail admin bob@domain.com;sam@domain.com
( rulename = "Networking Programs", severity = $(SIG_HI), emailto = bob@domain.com;sam@domain.com )
encrypt policy
cd /etc/tripwire twadmin --create-polfile --cfgfile ./tw.cfg --site-keyfile ./site.key ./twpol.txt
Konfigurasi SMTP Server
Edit
vi /etc/tripwire/twcfg.txt
Pastikan misalnya
MAILMETHOD =SMTP SMTPHOST =smtp.telkom.net SMTPHOST =222.124.18.79 (kalau mau aman) SMTPPORT =25
encrypt konfigurasi
cd /etc/tripwire twadmin --create-cfgfile --cfgfile ./tw.cfg --site-keyfile ./site.key ./twcfg.txt
Test e-mail message
Untuk mentest notifikasi e-mail kita dapat mengunakan perintah berikut
/usr/sbin/tripwire --test --email your@email.address
Test e-mail akan dikirim langsung ke e-mail address oleh tripwire