Re: checking system integrity
On Fri, Feb 09, 2001 at 09:25:13AM -0600, Manoj Srivastava wrote:
> >>"Brian" == Brian May <firstname.lastname@example.org> writes:
> Brian> For example, what is to stop me, as the attacker, from replacing the
> Brian> tripwire binary, so that it appears to do all the checks OK, but fails
> Brian> to report any differences?
> My solution to this eternal who shall watch the watcher
> problem is to md5sum the database and the binary, and detach-sign
> that file. I verify the database and binary at random times
> (basically, whenever I think about it).
Verifying the database is the easy part; it can be done completely offline, on
an isolated system. The hard part is verifying the system against the
database, with a definitive answer as to whether anything has changed _or not_.