
Re: checking system integrity

sounds like tripwire which is now apparently available under the GPL:


perhaps your time would be better spent packaging this up to replace the
non-free version below?:

bash-2.04$ apt-cache show tripwire
Package: tripwire
Priority: extra
Section: non-free/admin
Installed-Size: 576
Maintainer: Stephen Zander <gibreel@debian.org>
Architecture: i386
Version: 1.2-16.1
Depends: libc6 (>= 2.1)
Filename: dists/potato/non-free/binary-i386/admin/tripwire_1.2-16.1.deb
Size: 314434
MD5sum: 3525d008b2aa8888699691d99b59fd79
Description: A file and directory integrity checker.
 Tripwire is a tool that aids system administrators and users in
 monitoring a designated set of files for any changes.  Used with
 system files on a regular (e.g., daily) basis, Tripwire can notify
 system administrators of corrupted or tampered files, so damage
 control measures can be taken in a timely manner.

On 9 Feb 2001, Brian May wrote:

> Hello,
> Previously there were proposals on this mailing list to check the
> system integrity, by saving the md5sums of files. However, this
> has a number of limitations:
> - no way to ensure md5sum is not altered (unless stored on read-only
> media).
> - no way to check symlinks.
> - no way to check other parameters, eg. permissions, and file size
> (people have said just checking the md5sum by itself is not good
> enough, you need to check the size, too).
> So, I have started off by writing perl scripts that
> a) construct an index file (XML based) that records parameters of the
> file (eg md5sum, size, symlink).
> b) allows signing this file (as many times as required) with gpg. eg.
> you could sign the file on the original computer, securely transfer it
> to another, and sign it with another key there.
> All files are combined into one ar archive.
> So basically I reduce the problem from "has file X changed" to "are
> the public keys correct and the programs used to validate this
> information correct?"
> (note: the signatures could be validated on another computer too, if
> you trust it more).
> Probably the hardest bit is ensuring that the program carries out its
> checks on files correctly. Ideally the program should be statically
> linked in compiled form, so it can be run from read-only floppy disk,
> for instance (currently it is written in Perl).
> Although it works, there are a number of implementation issues I still
> need to fix (eg. rewriting it in C).
> Comments?
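The scheme Brian describes above, as an added example that is not part of either post: an index that records md5sum, size, permission bits and symlink target for a set of files, and a checker that reports exactly which parameter changed. It is written in Python rather than Perl, and serialises the index as JSON rather than XML; both are assumptions made here for brevity. Signing the index (gpg, possibly several times) and storing it off-host are left to the shell exactly as the post describes, since the checker only needs the index text back. The scenario in `demo()` is constructed inline: the content change keeps the file size identical, which is the case the post says a size-only check would miss.

```python
import hashlib
import json
import os
import stat
import tempfile


def file_record(path):
    """Record the parameters the index captures for one path (lstat, so
    symlinks are described rather than followed)."""
    st = os.lstat(path)
    rec = {"mode": stat.S_IMODE(st.st_mode), "size": st.st_size}
    if stat.S_ISLNK(st.st_mode):
        rec["type"] = "symlink"
        rec["target"] = os.readlink(path)
    elif stat.S_ISREG(st.st_mode):
        rec["type"] = "file"
        h = hashlib.md5()
        with open(path, "rb") as fh:
            for chunk in iter(lambda: fh.read(65536), b""):
                h.update(chunk)
        rec["md5sum"] = h.hexdigest()
    else:
        rec["type"] = "other"
    return rec


def build_index(paths):
    """Index text for a set of paths; this is the document you would sign
    (e.g. gpg --detach-sign) and keep off the monitored host."""
    return json.dumps({p: file_record(p) for p in paths}, sort_keys=True, indent=1)


def check_index(index_text):
    """Return {path: [differing fields]} for every path that no longer
    matches the (already signature-verified) index text."""
    findings = {}
    for path, expected in json.loads(index_text).items():
        try:
            actual = file_record(path)
        except FileNotFoundError:
            findings[path] = ["missing"]
            continue
        diffs = [k for k in set(expected) | set(actual)
                 if expected.get(k) != actual.get(k)]
        if diffs:
            findings[path] = sorted(diffs)
    return findings


def demo():
    """Constructed scenario (assumption, not real system files): three files
    and a symlink are indexed, then each is altered in a different way."""
    root = tempfile.mkdtemp()
    a, b, c = (os.path.join(root, n) for n in ("a.txt", "b.txt", "c.txt"))
    link = os.path.join(root, "link")
    for p in (a, b, c):
        with open(p, "w") as fh:
            fh.write("hello\n")
        os.chmod(p, 0o644)
    os.symlink("a.txt", link)
    index_text = build_index([a, b, c, link])

    # Tampering: same-size content change, permission change, deletion,
    # and a symlink retargeted to a name of the same length.
    with open(a, "w") as fh:
        fh.write("jello\n")
    os.chmod(b, 0o600)
    os.remove(c)
    os.remove(link)
    os.symlink("b.txt", link)

    findings = check_index(index_text)
    return {os.path.basename(k): v for k, v in findings.items()}


if __name__ == "__main__":
    for name, fields in sorted(demo().items()):
        print(f"{name}: {', '.join(fields)}")
```

The checker trusts nothing on the host except the index text it is handed, so the security of the whole arrangement rests on verifying the detached signatures with keys you trust before calling `check_index`, which is the reduction the post makes.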
