| 1 |
On Thursday 25 March 2004 22:05, Sandino Araico Sánchez wrote: |
| 2 |
> |
| 3 |
> It should be possible to add a feature to emerge that updates installed |
| 4 |
> packages MD5 to the tripwire database so the next time tripwire runs it |
| 5 |
> doesn't report false positives. |
| 6 |
|
| 7 |
But the same methodology used to update the tripwire database from emerge |
| 8 |
could be exploited by attackers to update the database by hand (a silently |
| 9 |
compromised protected system is more dangerous than a silently compromised |
| 10 |
unprotected one). Unless some sort of very very imaginative key pair is |
| 11 |
created to ensure a secure and limited interaction between tripwire and |
| 12 |
emerge. |
| 13 |
|
| 14 |
> |
| 15 |
> >Michel Wilson. |
| 16 |
|
| 17 |
-- |
| 18 |
Lars Goldschlager |
| 19 |
=========================== |
| 20 |
Software Engineer. |
| 21 |
Telephony Business Group. |
| 22 |
IFX Networks. |
| 23 |
--------------------------- |
| 24 |
Sysadmin. |
| 25 |
IFX Networks. Venezuela. |
| 26 |
=========================== |
| 27 |
lg@×××××××××.ve |
| 28 |
+58-212-952-3655. Ext. 109. |
Archives