[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Debian audititing tool?

On Thu, Dec 21, 2000 at 03:22:10PM +0000, Colin Phipps wrote:
> > Well and the one that you won't catch to much more damage to your system
> > and create a higher risk then the one you catch. 
> Agreed, if someone gets root on your system there's no way you can 
> guarantee detecting it. But you can try. Whether md5sums is worthwhile 
> I don't know, I guess you'd have to look for some statistics on 
> rootkits and such...

Well, you certainly can't catch them with debsums.

You can probably catch them with tripwire, if you're willing to spend
lots of time and effort using it.

I was motivated by the idea that Debian could do much better than
tripwire - ie, the same security, with much less effort on the part of
the administrator.


|> |= -+- |= |>
|  |-  |  |- |\

Peter Eckersley
for techno-leftie inspiration, take a look at

Attachment: pgpEHmB3CAD_I.pgp
Description: PGP signature

Reply to: