Used to fingerprint important files (/etc/tripwire/twpol.txt) and save the
fingerprints in a database (/var/lib/tripwire/$(HOSTNAME).twd)
# /usr/sbin/tripwire --check
Used later to check that fingerprints of important files has not changed (ie by a rootkit).
Database should be moved to secure system between checks. Best to boot to single user mode, reinstall tripwire (or mount directories with installation intact) and then check with offline stored database.
SE Linux (hardening) fine grained permissions for linux
Bastille Linux (system hardening)
The Bastille Hardening program "locks down" an operating system, proactively configuring the system for increased security and decreasing its susceptibility to compromise. Bastille can also assess a system's current state of hardening, granularly reporting on each of the security settings with which it works.
An article on hardening with Bastille linux.
Windows Policy Editor gpedit.msc (XP Pro, Server) (system hardening)
Used to configure system wide policies. For example, passwords, lengths, expiration etc.
Windows Baseline Security Analyzer (system hardening)
Analyze windows system, identify security vulnerabilities weak points.
Windows Event Viewer (intrusion detection/system monitoring)
like /var/log under linux.