From owner-freebsd-security  Tue Jul 24 16:41:57 2001
Delivered-To: freebsd-security@freebsd.org
Received: from cdrrdslgw2poolA156.cdrr.uswest.net (cdrrdslgw2poole180.cdrr.uswest.net [63.228.165.180])
	by hub.freebsd.org (Postfix) with ESMTP
	id 9B1A437B406; Tue, 24 Jul 2001 16:41:54 -0700 (PDT)
	(envelope-from dean@cdrrdslgw2poolA156.cdrr.uswest.net)
Received: (from dean@localhost)
	by cdrrdslgw2poolA156.cdrr.uswest.net (8.11.4/8.11.2) id f6ONfpi99078;
	Tue, 24 Jul 2001 18:41:52 -0500 (CDT)
	(envelope-from dean)
Date: Tue, 24 Jul 2001 18:41:52 -0500 (CDT)
From: "Dean M. Phillips" <dean@uswest.net>
Message-Id: <200107242341.f6ONfpi99078@cdrrdslgw2poolA156.cdrr.uswest.net>
To: ben@FreeBSD.org
Cc: jdl@jdl.com, security@FreeBSD.org
In-reply-to: <20010724193339.H20105@strontium.shef.vinosystems.com>
	(ben@FreeBSD.org)
Subject: Re: Security Check Diffs Question
Reply-To: deanmphillips@uswest.net
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org


For mission-critical servers, I prefer to use tripwire.  Burn the binary
and the database onto a CDROM and it will be nearly tamper-proof.

Oh yes, the default config file needs to be updated, but you really ought
to customize it anyway.

-- 
Dean M. Phillips                                 deanmphillips@uswest.net
Office: 319-295-0407                                   Home: 319-373-9825

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message