< Back to index


Tripwire is a free and open-source software tool. It functions as a host-based intrusion detection system. It does not concern itself directly with detecting intrusion attempts in real time at the periphery of a computing system (as in network intrusion detection systems), but rather looks for and reports on the resultant changes of state in the computing system under observation.

Intruders usually leave traces of their activities (changes in the system state). Tripwire looks for these by monitoring key attributes of files that should not change—including binary signatures, size, expected changes in size, etc.—and reporting its findings.

While useful for detecting intrusions after the event, it can also serve many other purposes, such as integrity assurance, change management, policy compliance, and more.

The original developer of the software was Tripwire, Inc. However, the product has evolved in open source.
This entry uses material from from Wikipedia, the leading user-contributed encyclopedia. It is licensed under the GNU Free Documentation License. Disclaimer.