Re: checking system integrity
>>>>> "Brian" == Brian May <email@example.com> writes:
>>>>> "Chad" == Chad C Walstrom <firstname.lastname@example.org> writes:
Chad> On Fri, Feb 09, 2001 at 01:36:12PM +1100, Sam Johnston wrote:
>>> sounds like tripwire which is now apparently available under the GPL:
Chad> What about AIDE?
Brian> Correct me if I am wrong, but it sounds to me like it doesn't
Brian> have anything to protect the database from being tampered with
Brian> (otherwise it probably would be in non-US, not main).
Brian> Then again, looking at tripwire, I can't see what protects the
Brian> tripwire executable from being tampered with either. I don't think it
Brian> is possible unless you can mount it from some media that is guaranteed
Brian> to be read-only (e.g. write-protected floppy disk or read-only exported
Brian> For example, what is to stop me, as the attacker, from replacing the
Brian> tripwire binary, so that it appears to do all the checks OK, but fails
Brian> to report any differences?
My solution to this eternal "who shall watch the watcher"
problem is to md5sum the database and the binary, and detach-sign
that file. I verify the database and binary at random times
(basically, whenever I think about it).
The generation of random numbers is too important to be left to
Manoj Srivastava <email@example.com> <http://www.debian.org/%7Esrivasta/>
1024R/C7261095 print CB D9 F4 12 68 07 E4 05 CC 2D 27 12 1D F5 E8 6E
1024D/BF24424C print 4966 F272 D093 B493 410B 924B 21BA DABB BF24 424C
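A minimal form of the scheme Manoj describes, as an added example that is not from this thread: hash the checker's binary and database into one manifest, keep a detached signature over that manifest, and at verification time check the signature before believing any hash in it, so that neither a swapped binary nor a re-generated manifest passes. It uses Go's standard-library Ed25519 and sha256 as stand-ins for gpg and md5sum (an assumption, since the mail names those tools), and the file paths and contents are constructed for the demo.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"encoding/hex"
	"fmt"
	"sort"
)

// Manifest renders "<sha256>  <path>" lines for the watched files, sorted by path
// so the bytes are deterministic (sha256 stands in for the md5sum in the mail).
func Manifest(files map[string][]byte) []byte {
	paths := make([]string, 0, len(files))
	for p := range files {
		paths = append(paths, p)
	}
	sort.Strings(paths)
	var buf bytes.Buffer
	for _, p := range paths {
		sum := sha256.Sum256(files[p])
		fmt.Fprintf(&buf, "%s  %s\n", hex.EncodeToString(sum[:]), p)
	}
	return buf.Bytes()
}

// Verify checks the detached signature with the trusted public key first, so a
// manifest edited on the host is rejected before any hash in it is believed,
// then recomputes the hashes of the current files and compares them.
func Verify(pub ed25519.PublicKey, manifest, sig []byte, current map[string][]byte) error {
	if !ed25519.Verify(pub, manifest, sig) {
		return fmt.Errorf("manifest signature does not verify")
	}
	if !bytes.Equal(Manifest(current), manifest) {
		return fmt.Errorf("watched files differ from signed manifest")
	}
	return nil
}

func main() {
	pub, priv, _ := ed25519.GenerateKey(rand.Reader) // stands in for the gpg key pair
	files := map[string][]byte{"/usr/bin/aide": []byte("aide"), "/var/lib/aide/aide.db": []byte("db")} // constructed sample
	manifest := Manifest(files)
	sig := ed25519.Sign(priv, manifest) // detached signature, like gpg --detach-sign
	fmt.Println("clean:", Verify(pub, manifest, sig, files))
	files["/usr/bin/aide"] = []byte("swapped") // the checker binary is replaced
	fmt.Println("swapped:", Verify(pub, manifest, sig, files))
}
```

The private key and the public key used by Verify must live somewhere the host cannot rewrite, otherwise the manifest can be re-signed along with the binary.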