Onno Benschop wrote: >On 17/10/08 20:53, Andrew Hodgson wrote: >> I configured this at first, however, it cannot speak to our central >> enterprise Tripwire server, and so the security team are not happy. I >> am still trying to argue that if we use the OS version of Tripwire, and >> get emailed reports sent to us, then that will meet the requirements. > >I'm not intimately familiar with tripwire, but your comment makes me ask >the following:
>Do you know why "it cannot speak to our central enterprise Tripwire server"? Due to the fact that the version packaged with Ubuntu is the open source version, and we are using Tripwire Enterprise <http://www.tripwire.com>. I have now had it confirmed that Tripwire Enterprise will only work on RedHat Enterprise and Suse, so we will have to see what our security department thinks of using the open source version, as it pretty much does what the enterprise version does, only without the pretty GUI in front of it, and without the consolidated reports. The only reason we are doing this is to provide PCI (payment card industry) compliance to our servers, as the servers we wish to convert to Ubuntu will be taking customers credit card details (although will not store those details). Thanks. Andrew. -- ubuntu-server mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-server More info: https://wiki.ubuntu.com/ServerTeam
