On Wed, Apr 26, 2000 at 10:14:25AM +0200, Ingemar Fällman wrote: > But tripwire does not save the checksums on a "safe place" by default... > And it does not update the checksums when a package is updated, and > when the debian packages has checksums.. why don't use them to get > some better security... Prudent security dictates that you store the TripWire or AIDE databases on an off-machine database. For best security, place the database on a floppy, Zip cartrige or CD-RW and take it out of the machine. Then it is impossible for a remote attack against it. -- --Brad ============================================================================ Bradley M. Alexander | Co-Chairman, Beowulf System Admin/Security Specialist | NoVALUG/DCLUG Security SIG Winstar Telecom | balexander@winstar.com (703) 889-1049 | storm@tux.org ============================================================================ -----BEGIN GEEK CODE BLOCK----- Version: 3.1 GCS/E/CC d- s+:+ a C+++ ULS++++$ P+ L+++ E- W++ N- o? K w--- O+ M+ V- !PS PE Y++ PGP+++ t++ 5+ X- R(+) tv(+) b+DI++ D+ G e* h* r+++ y? ------END GEEK CODE BLOCK------
Attachment:
pgpwa9Ko5QrdX.pgp
Description: PGP signature