On Wed, Apr 26, 2000 at 10:14:25AM +0200, Ingemar Fällman wrote: > But tripwire does not save the checksums on a "safe place" by default... > And it does not update the checksums when a package is updated, and > when the debian packages has checksums.. why don't use them to get > some better security...
Prudent security dictates that you store the TripWire or AIDE databases on an off-machine database. For best security, place the database on a floppy, Zip cartrige or CD-RW and take it out of the machine. Then it is impossible for a remote attack against it. -- --Brad ============================================================================ Bradley M. Alexander | Co-Chairman, Beowulf System Admin/Security Specialist | NoVALUG/DCLUG Security SIG Winstar Telecom | [EMAIL PROTECTED] (703) 889-1049 | [EMAIL PROTECTED] ============================================================================ -----BEGIN GEEK CODE BLOCK----- Version: 3.1 GCS/E/CC d- s+:+ a C+++ ULS++++$ P+ L+++ E- W++ N- o? K w--- O+ M+ V- !PS PE Y++ PGP+++ t++ 5+ X- R(+) tv(+) b+DI++ D+ G e* h* r+++ y? ------END GEEK CODE BLOCK------
pgpVBNXLX7zqb.pgp
Description: PGP signature
