From owner-freebsd-security Fri Jun 28 11:42:32 2002 Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 7EF8737B400 for ; Fri, 28 Jun 2002 11:41:51 -0700 (PDT) Received: from munkboxen.mine.nu (213-152-51-194.dsl.eclipse.net.uk [213.152.51.194]) by mx1.FreeBSD.org (Postfix) with ESMTP id C128143E35 for ; Fri, 28 Jun 2002 11:40:54 -0700 (PDT) (envelope-from munk@munkboxen.mine.nu) Received: (from munk@localhost) by munkboxen.mine.nu (8.11.6/8.11.6) id g5SIe1712609 for freebsd-security@FreeBSD.ORG; Fri, 28 Jun 2002 19:40:01 +0100 (BST) (envelope-from munk) Date: Fri, 28 Jun 2002 19:40:00 +0100 From: Jez Hancock To: FreeBSD Security Mailling List Subject: Re: Tripwire for Dummies Message-ID: <20020628194000.A12567@munkboxen.mine.nu> Mail-Followup-To: FreeBSD Security Mailling List References: <1025280108.2819.27.camel@jan-linux.lan> <1025286115.2819.46.camel@jan-linux.lan> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5.1i In-Reply-To: <1025286115.2819.46.camel@jan-linux.lan>; from Jan.Lentfer@web.de on Fri, Jun 28, 2002 at 07:41:55PM +0200 Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Fri, Jun 28, 2002 at 07:41:55PM +0200, Jan Lentfer wrote: > Thanks for all your replies, they have been all very helpfull. I just > have one, maybe two questions left: > I read that it was best to move the tripwire database to a read-only > medium (floppy or cdrom). I used the defaults of the tripwire-2.3 ports > and ended up with 3MB database. How did you guys configure your > tripwire? Is it better to clean up the configuration and by that shrink > the database to fit on a floppy? If so, what HAS TO stay, what can be > removed? Or is it better to stuff the database on a CD-RW and burn a new > one everytime you change stuff? I seem to remember reading instructions for mounting a floppy and then safely tarring/gzipping the tripwire db and moving it onto the floppy disk, somewhere in the tripwire documentation. After following that advice I managed to shrink a 5mb tripwire db file down to just over 1mb. I've had a quick search for the documentation in question but can't find it on my system, think it got cleared out recently - perhaps if you try grepping for fd0 in the documentation tarball someone mentioned above you might find the relevant instructions. Good luck, Jez To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message