1 |
Right, I know it's not like tripwire. Just suggesting something to add |
2 |
to a default install, but you're right about just updating those files |
3 |
too. |
4 |
|
5 |
I think it'd be beneficial to come up with something that could be used |
6 |
for built in integrity checking, but I'm not sure how to do it... |
7 |
suggestions? |
8 |
|
9 |
-James |
10 |
|
11 |
On Feb 9, 2004, at 3:10 PM, Christian Schwede wrote: |
12 |
|
13 |
> James Dennis wrote: |
14 |
> |
15 |
>> Anyway, my point is, it would be nice if Gentoo came with something |
16 |
>> similar to what OpenBSD has. It's like tripwire, but stripped down |
17 |
>> and built into cron right from the get go to check your system for |
18 |
>> file changes. |
19 |
> |
20 |
> No, it's not like tripwire. You can't update the tripwire database |
21 |
> without the right password and that makes tripwire unique. OpenBSD |
22 |
> just keeps copies of important files (located in /var/backups) and |
23 |
> diffs them once a day. So if you got rooted, someone can simply update |
24 |
> these files by hand and you wouldn't recognize the changes. |
25 |
> If you want to have something like that, it shouldn't be a problem to |
26 |
> write a shell script on your own. |
27 |
> |
28 |
> |
29 |
> Cheers, Christian. |
30 |
> |
31 |
|
32 |
|
33 |
-- |
34 |
gentoo-security@g.o mailing list |