Re: Tripwire in bin-directory?
Michael Meskes wrote:
>
> On Wed, May 24, 2000 at 03:10:48PM +0200, Thomas Guettler wrote:
> > this is not unlikely, that's the way it should be according
> > to the READMEs.
>
> Oops, forgot that I wrote it down there. :-)
ah, you are the maintainer of it. Cool. BTW there is a typo
in ztripwire, which is known since two years! ok, it's just
a small one, but a little strange, too. (You get no error-message,
but instead a new file called "2" with the message in it).
>
> > With ztripwire the database and the binaries fit onto a 1.44MB floppy,
> > which
>
> But only if your database is rather small. I ran out of space sometimes.
yes, i exclude /home and /dev and directories containing docu.
BTW, why protect /dev at all?
>
> > is hardware write-protected mounted on /usr/lib/tripwire.
> > I think that this i quite save, because the binaries and the databases
> > can't be changed remotely.
>
> Yes. It cannot protect against a full root access though. Once an intruder
> gets this your at a loss.
If you got a friendly intruder who got root, and who only changes some
things,
you will be able to detect it.
>
> Michael
> --
> Michael Meskes
> Michael@Fam-Meskes.De
> Go SF 49ers! Go Rhein Fire!
> Use Debian GNU/Linux! Use PostgreSQL!
>
> --
> To UNSUBSCRIBE, email to debian-security-request@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
--
Thomas Guettler <guettli@interface-business.de>
http://www.interface-business.de
Reply to: