Re: checking system integrity

To: debian-devel@lists.debian.org
Subject: Re: checking system integrity
From: Matt Zimmerman <mdz@debian.org>
Date: Fri, 9 Feb 2001 02:42:35 -0500
Message-id: <[🔎] 20010209024234.B17037@alcor.net>
Mail-followup-to: debian-devel@lists.debian.org
In-reply-to: <[🔎] Pine.LNX.4.21.0102090805130.10038-100000@wr-linux02>; from tillea@rki.de on Fri, Feb 09, 2001 at 08:10:58AM +0100
References: <[🔎] 84ae7w77jk.fsf@snoopy.apana.org.au> <[🔎] Pine.LNX.4.21.0102090805130.10038-100000@wr-linux02>

On Fri, Feb 09, 2001 at 08:10:58AM +0100, Andreas Tille wrote:

> On 9 Feb 2001, Brian May wrote:
> 
> > Then again, looking at tripwire, I can't see what protects the
> > tripwire executable from being tampered with either. I don't think it
> > is possible unless you can mount it from some media that is guaranteed
> > to be read-only (eg write protected floppy disk or read-only exported
> > NFS).
> I wouldn't trust NFS on a secure system.  I think protected floppy
> disk or CD is better.  According to secure tripwire what about starting
> tripwire from a script an the write-protected medium which compares
> MD5 sum of tripwire first?

If the system has been compromised, you can't even trust executables on secure
media, as you can't be sure that you're actually executing what you think
you're executing.

-- 
 - mdz

Reply to:

Follow-Ups:
- Re: checking system integrity
  - From: Brian May <bam@debian.org>

References:
- Re: checking system integrity
  - From: Brian May <bam@debian.org>
- Re: checking system integrity
  - From: Andreas Tille <tillea@rki.de>

Prev by Date: Re: ITP: log2mail - sends email if a pattern in a certain logfile is matched.
Next by Date: Re: external Debian list
Previous by thread: Re: checking system integrity
Next by thread: Re: checking system integrity
Index(es):
- Date
- Thread