| 1 |
Hi, |
| 2 |
|
| 3 |
Am So, den 04.04.2004 schrieb Holger Kettler um 14:40: |
| 4 |
> -----BEGIN PGP SIGNED MESSAGE----- |
| 5 |
> Hash: SHA1 |
| 6 |
> |
| 7 |
> Absender Tobias Weisserth: |
| 8 |
> > That's why I install and set up Tripwire right after I did a perfectly |
| 9 |
> > good installation. I don't know of any way an intruder could sneak |
| 10 |
> > around a good Tripwire setup. It's on all my machines first thing after |
| 11 |
> |
| 12 |
> Seriously, there *IS* at least one root-kit specially designed to fool |
| 13 |
> tripwire. |
| 14 |
|
| 15 |
That's why I wrote a *good* Tripwire setup :-) |
| 16 |
|
| 17 |
How should a root kit fool my Tripwire setup if the necessary binaries |
| 18 |
and the database are on a mounted CD? :-) This is *extremely* unlikely |
| 19 |
and probably demands a *very* difficult attack approach. |
| 20 |
|
| 21 |
I'm doing the same with chkrootkit. Write protected media can't be |
| 22 |
fooled :-) |
| 23 |
|
| 24 |
regards, |
| 25 |
Tobias |
| 26 |
|
| 27 |
|
| 28 |
-- |
| 29 |
gentoo-security@g.o mailing list |
Archives