Date: Mon, 13 Dec 2010 10:02:16 +0100 From: =?iso-8859-1?Q?Eirik_=D8verby?= <ltning@anduin.net> To: Michael Scheidell <michael.scheidell@secnap.com> Cc: freebsd-security@freebsd.org, Micheas Herman <m@micheas.net> Subject: Re: any interest in tripwire commercial? Message-ID: <C34562A1-307A-4AB2-92BE-9717D44FE319@anduin.net> In-Reply-To: <4D03A0D1.5070808@secnap.com> References: <4CF511C7.3050702@secnap.net> <AANLkTin0BcdPyQDt=M%2Bx3nXuCeF9JLeJ1FXuCViN9ufc@mail.gmail.com> <4D03A0D1.5070808@secnap.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Dec 11, 2010, at 17:03, Michael Scheidell wrote: >> Probably. >>=20 >>> > does everyone put 32 bit compatibility libraries in their amd64 = builds? >>> > ______ >> Never, unless running cosed source software. It seems to triple your >> attack surface area. >>=20 > than the answer is "no' you would not want an i386 version since you = need to put 32bit compatibility in if this is all tripwire supports. > Sometimes, its easier to get a vendor to release compiled binaries if = you tell them you can support: > 7.1 - 8.x, i386/amd, with a single i386/32 bit binary. >=20 > to tell them the need to maintain 8 versions is harder. >=20 > doesn't really too much matter, It looks like only you and me are = interested. with that huge response, I guess its never going to happen. It really depends what the final product would cost, if it would be = supported and maintained on 64-bit 8.x, with future commitment to = support 9.x. It also depends what added value this package would had = compared to 'portmaster security/tripwire' or similar. In any case we would be interested if this would provide significant and = real (security/manageability) advantages compared to our current = "freebsd-update IDS" model (no, not only freebsd-update IDS, but some = added magic to make it a bit more resilient and reliable). PCI DSS and other security standards specifically mention tripwire so it = would make life easier if we could tick the box saying 'yes we use = tripwire'. /Eirik=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?C34562A1-307A-4AB2-92BE-9717D44FE319>