From owner-freebsd-security  Tue Dec 10  2: 6:35 2002
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 2541237B401
	for <freebsd-security@freebsd.org>; Tue, 10 Dec 2002 02:06:33 -0800 (PST)
Received: from codeblau.de (codeblau.walledcity.de [212.84.209.34])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 3290743EBE
	for <freebsd-security@freebsd.org>; Tue, 10 Dec 2002 02:06:26 -0800 (PST)
	(envelope-from stephan-freebsd-security@eckner.org)
Received: (qmail 31191 invoked by uid 103); 10 Dec 2002 10:06:28 -0000
Date: Tue, 10 Dec 2002 11:06:28 +0100
From: Stephan Eckner <stephan-freebsd-security@eckner.org>
To: freebsd-security@freebsd.org
Subject: Re: gateway security?
Message-ID: <20021210100628.GB31091@knuth.codeblau.de>
Mail-Followup-To: freebsd-security@freebsd.org
References: <200212091317.15077.timothy@voidnet.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <200212091317.15077.timothy@voidnet.com>
User-Agent: Mutt/1.3.27i
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org

On Mon, Dec 09, 2002 at 01:17:15PM -0600, Eric Timme wrote:

<--snip-->

> I'm planning to deploy aide with a write protected diskette, but would like 
> some advice as to other products to look into; I don't access the machine 

aide works quite well. If you're looking for a more lightweight implementation,
have a look at http://integrit.sourceforge.net/ (you'll find it in the ports
as well). Don't forget to put the statically linked binary on the protected
disk as well, or, even better: put the database, the config-file and the
binary on some _other_  machine, have cron-job running on that other machine,
that rsyncs all three files and than runs the verification via ssh :)

I wrote some (very simple) shell-scripts to do that for me, if you're 
intrested, send me private mail.

Hope it helps,

Stephan

-- 
Stephan Eckner                                           http://www.eckner.org/

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message