In article <[EMAIL PROTECTED]> you wrote: > Ahhh but we run scripts on the target before and after the rsync; to prep it > up and so forth, as well as patching some things in /etc > (we use a diff 'n' sed|patch system for some things in etc) > Hence, the binaries on the target that these scripts run need to > be verified. But yes, tripwire is ultimately the right tool! > :)
It is much better to boot the target from a trusted media, because of possible kernel hacks. This is anyway a good thing if you can just tell your uses to boot from network or put the CD into it to get their workplace restored. Greetings Bernd -- eckes privat - http://www.eckes.org/ Project Freefire - http://www.freefire.org/
