| 1 |
Right, I know it's not like tripwire. Just suggesting something to add |
| 2 |
to a default install, but you're right about just updating those files |
| 3 |
too. |
| 4 |
|
| 5 |
I think it'd be beneficial to come up with something that could be used |
| 6 |
for built in integrity checking, but I'm not sure how to do it... |
| 7 |
suggestions? |
| 8 |
|
| 9 |
-James |
| 10 |
|
| 11 |
On Feb 9, 2004, at 3:10 PM, Christian Schwede wrote: |
| 12 |
|
| 13 |
> James Dennis wrote: |
| 14 |
> |
| 15 |
>> Anyway, my point is, it would be nice if Gentoo came with something |
| 16 |
>> similar to what OpenBSD has. It's like tripwire, but stripped down |
| 17 |
>> and built into cron right from the get go to check your system for |
| 18 |
>> file changes. |
| 19 |
> |
| 20 |
> No, it's not like tripwire. You can't update the tripwire database |
| 21 |
> without the right password and that makes tripwire unique. OpenBSD |
| 22 |
> just keeps copies of important files (located in /var/backups) and |
| 23 |
> diffs them once a day. So if you got rooted, someone can simply update |
| 24 |
> these files by hand and you wouldn't recognize the changes. |
| 25 |
> If you want to have something like that, it shouldn't be a problem to |
| 26 |
> write a shell script on your own. |
| 27 |
> |
| 28 |
> |
| 29 |
> Cheers, Christian. |
| 30 |
> |
| 31 |
|
| 32 |
|
| 33 |
-- |
| 34 |
gentoo-security@g.o mailing list |
Archives