[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Tripwire in bin-directory?

Michael Meskes wrote:
> On Wed, May 24, 2000 at 03:10:48PM +0200, Thomas Guettler wrote:
> > this is not unlikely, that's the way it should be according
> > to the READMEs.
> Oops, forgot that I wrote it down there. :-)

ah, you are the maintainer of it. Cool. BTW there is a typo
in ztripwire, which is known since two years! ok, it's just
a small one, but a little strange, too. (You get no error-message, 
but instead a new file called "2" with the message in it).

> > With ztripwire the database and the binaries fit onto a 1.44MB floppy,
> > which
> But only if your database is rather small. I ran out of space sometimes.

yes, i exclude /home and /dev and directories containing docu.
BTW, why protect /dev at all?

> > is hardware write-protected mounted on /usr/lib/tripwire.
> > I think that this i quite save, because the binaries and the databases
> > can't be changed remotely.
> Yes. It cannot protect against a full root access though. Once an intruder
> gets this your at a loss.

If you got a friendly intruder who got root, and who only changes some
you will be able to detect it.

> Michael
> --
> Michael Meskes
> Michael@Fam-Meskes.De
> Go SF 49ers! Go Rhein Fire!
> Use Debian GNU/Linux! Use PostgreSQL!
> --
> To UNSUBSCRIBE, email to debian-security-request@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

Thomas Guettler <guettli@interface-business.de>

Reply to: