I'm a bit confused. This page:
states Open Source Tripwire runs on any server but only Linux desktops. Am I the only one that confuses? And so I come to this page:
hoping for clarity and all I can find is that it runs "on a range of systems".
Hmmm … can someone provide clarity here? I have a Windows 7 desktop I'm looking at protecting found a great Tripwire recommendation but shan't bother downloading it if it's not even supported on a Windows 7 desktop.
If I should have found the answer to this somewhere on this site and failed, my apologies. In any case my recommendation would be to state it clearly on the page above.
Well, this is the difference between a commercial version and an opensource one. If you want to help out by contributing a build for windows stations, i'll be happy to test and add it :)
I'm happy to try some time as time permits. But that wasn't the gist of my question. I think inplicitly in a round about way you've answered it, suggestinga windows build is not available. Whaty i suggested is clarity on the front page about that that's all. What is, and what isn't available so to speak, i.e. what platforms are and aren't supported.
I've only got thE xpress edition of Visual C++ though and someimes run into issues building rich software that uses libraries no packed. But if it's a cross platform source base that's less likely to be an issue, I'll see if I can get it built. Don't wait up of course ;-).
I have the same dilemma. I started using Tripwire shortly after Gene^2 put it up on COAST, and I've stuck to Unix, Linux, and Mac systems for the most part. Now, I find myself with a new Windows 7 machine, and I'd like to have that level of IDS for it. But Tripwire.com seems to have focused exclusively on the enterprise market; they don't seem interested in small installations or individuals.
I've read that AIDE (similar to Tripwire) runs under Cygwin, and Cygwin runs on both 32 bit and 64 bit Windows, including Windows 7. I don't know much about AIDE, although I read decent things about it in my previous life as a computer security guy for a large installation. I did a quick search of the Open Source Tripwire forums and didn't find the word "Cygwin" at all, so I don't know if anyone has gotten Open Source Tripwire to run under Cygwin.
I plan to install Cygwin and AIDE to see if I can get something to work. I don't know how AIDE under Cygwin will handle such challenges as Windows ACLs, metadata, and prebinding (I'm not even sure Win7 does prebinding). AIDE under Cygwin may only handle POSIX-style permissions, for example. I haven't even begun to do the research.
Another possibility I'm considering is the hash option of the Sigcheck utility in Microsoft's sysinternals. I don't know if anyone has put this utility into a larger package that checks a large number of files against a previous database of hashes. And I don't know how horribly slow it will be.
If you discover something, please write back with your findings. I'll do the same.