[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: [Fwd: Checksums on ftp]

On Wed, Apr 26, 2000 at 10:14:25AM +0200, Ingemar Fällman wrote:

> But tripwire does not save the checksums on a "safe place" by default...
> And it does not update the checksums when a package is updated, and
> when the debian packages has checksums.. why don't use them to get
> some better security...

Prudent security dictates that you store the TripWire or AIDE databases on
an off-machine database. For best security, place the database on a floppy,
Zip cartrige or CD-RW and take it out of the machine. Then it is impossible
for a remote attack against it.

Bradley M. Alexander                     |   Co-Chairman,
Beowulf System Admin/Security Specialist |    NoVALUG/DCLUG Security SIG
Winstar Telecom                          |   balexander@winstar.com
(703) 889-1049                           |   storm@tux.org
Version: 3.1
GCS/E/CC d- s+:+ a C+++ ULS++++$ P+ L+++ E- W++ N- o? K w--- O+ M+ V- !PS
PE Y++ PGP+++ t++ 5+ X- R(+) tv(+) b+DI++ D+ G e* h* r+++ y?

Attachment: pgpwa9Ko5QrdX.pgp
Description: PGP signature

Reply to: