thats very interesting...thank you Dan.
--
Mark
/ * Sometimes it becomes necessary to rock the boat
* in order to get the rats up from below decks
* so they can be kicked over the side and drowned!
*
* REGISTERED LINUX USER # 182496
*/
<<<<<<<<<<<<<<<<<*REPLY SEPERATOR*>>>>>>>>>>>>>>>>>>>>>>
On Mon, 4 Dec 2000 Daniel J. Ferris had this to say!
> Tripwire is a program that uses cryptographic checksums (like md5,
> crc32, and SHA1) to perform accounting on the filesystem.
>
> Tripwire is generally used to make sure that a program like login, or
> ps, or netstat isn't substituted for a version that is trojaned,
> because the MD5 sums on the trojaned version will be different than
> the MD5 sums on the original program. Coincidently, this is why Linux
> distributors like Red Hat and Mandrake ALWAYS print MD5 sums for their
> ISO images avaliable to download.
>
> There is also a GPLed replacement for Tripwire, but I don't remember
> the name of it off hand. Somebody else may know.
>
> Tripwire was semi-difficult for me to install the first time. It has
> a very strange looking configuration file. There is a manual that
> comes with it. I suggest downloading it and printing it out. It is
> in PDF format.
>
> If you check out Tripwire and decide that it is to hard for you, you
> can do a poor mans version with find and md5sum...
>
> find / -name -print | md5sum > md5sums.
>
> this will print out md5sums for every file on your disk. Tweak to
> your hearts content. :-) I would exclude log files, spool
> directories, and configuration files that you change frequently.
>
> The Mandrake security scripts attempt to do some of this by
> calculating the MD5 sums for SUID and SGID files on your system every
> night.
>
> Dan
>
> Mark Weaver <[EMAIL PROTECTED]> said:
>
> > what is tripwire? I've heard that name before somewhere.
> >
> > --
> > Mark
> >
> > / * Sometimes it becomes necessary to rock the boat
> > * in order to get the rats up from below decks
> > * so they can be kicked over the side and drowned!
> > *
> > * REGISTERED LINUX USER # 182496
> > */
> >
> > <<<<<<<<<<<<<<<<<*REPLY SEPERATOR*>>>>>>>>>>>>>>>>>>>>>>
> >
> > On 4 Dec 2000 ed had this to say!
> >
> > > Hi all I was wondering if anyone here uses tripwire and if so
> where can i
> > > get it and how hard is it to install.
> > > thanks all .....
> > >
> > >
> ____________________________________________________________________
> > > Get free email and a permanent address at
> http://www.netaddress.com/?N=1
> > >
> >
> >
>
>
>
> --
> We are Microsoft of Borg
> You will be assimilated
> resistance is-
> Invalid Page Fault in module msborg32.dll
>
>
>
