Re: Tripwire in bin-directory?
Michael Meskes wrote:
> On Wed, May 24, 2000 at 03:10:48PM +0200, Thomas Guettler wrote:
> > this is not unlikely, that's the way it should be according
> > to the READMEs.
> Oops, forgot that I wrote it down there. :-)
ah, you are the maintainer of it. Cool. BTW there is a typo
in ztripwire, which is known since two years! ok, it's just
a small one, but a little strange, too. (You get no error-message,
but instead a new file called "2" with the message in it).
> > With ztripwire the database and the binaries fit onto a 1.44MB floppy,
> > which
> But only if your database is rather small. I ran out of space sometimes.
yes, i exclude /home and /dev and directories containing docu.
BTW, why protect /dev at all?
> > is hardware write-protected mounted on /usr/lib/tripwire.
> > I think that this i quite save, because the binaries and the databases
> > can't be changed remotely.
> Yes. It cannot protect against a full root access though. Once an intruder
> gets this your at a loss.
If you got a friendly intruder who got root, and who only changes some
you will be able to detect it.
> Michael Meskes
> Go SF 49ers! Go Rhein Fire!
> Use Debian GNU/Linux! Use PostgreSQL!
> To UNSUBSCRIBE, email to email@example.com
> with a subject of "unsubscribe". Trouble? Contact firstname.lastname@example.org
Thomas Guettler <email@example.com>