From owner-freebsd-security Wed Jun 13 6:24:32 2001 Delivered-To: freebsd-security@freebsd.org Received: from point.osg.gov.bc.ca (point.osg.gov.bc.ca [142.32.102.44]) by hub.freebsd.org (Postfix) with ESMTP id 0571037B403 for ; Wed, 13 Jun 2001 06:24:27 -0700 (PDT) (envelope-from Cy.Schubert@uumail.gov.bc.ca) Received: (from daemon@localhost) by point.osg.gov.bc.ca (8.8.7/8.8.8) id GAA29799; Wed, 13 Jun 2001 06:24:11 -0700 Received: from passer.osg.gov.bc.ca(142.32.110.29) via SMTP by point.osg.gov.bc.ca, id smtpda29797; Wed Jun 13 06:24:04 2001 Received: (from uucp@localhost) by passer.osg.gov.bc.ca (8.11.4/8.9.1) id f5DDNw823410; Wed, 13 Jun 2001 06:23:58 -0700 (PDT) Received: from UNKNOWN(10.1.2.1), claiming to be "cwsys.cwsent.com" via SMTP by passer9.cwsent.com, id smtpdN23408; Wed Jun 13 06:23:21 2001 Received: (from uucp@localhost) by cwsys.cwsent.com (8.11.4/8.9.1) id f5DDNLU09513; Wed, 13 Jun 2001 06:23:21 -0700 (PDT) Message-Id: <200106131323.f5DDNLU09513@cwsys.cwsent.com> Received: from localhost.cwsent.com(127.0.0.1), claiming to be "cwsys" via SMTP by localhost.cwsent.com, id smtpdaC9509; Wed Jun 13 06:22:33 2001 X-Mailer: exmh version 2.3.1 01/18/2001 with nmh-1.0.4 Reply-To: Cy Schubert - ITSD Open Systems Group From: Cy Schubert - ITSD Open Systems Group X-Sender: schubert To: Sheldon Hearn Cc: "Sam Leffler" , freebsd-security@FreeBSD.ORG Subject: Re: tripwire In-reply-to: Your message of "Wed, 13 Jun 2001 11:03:18 +0200." <68633.992422998@axl.seasidesoftware.co.za> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Date: Wed, 13 Jun 2001 06:22:33 -0700 Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org In message <68633.992422998@axl.seasidesoftware.co.za>, Sheldon Hearn writes: > > > On Tue, 12 Jun 2001 21:44:37 MST, "Sam Leffler" wrote: > > > Do folks use tripwire or is there a preferred alternative? The LGPL Linux > > 2.2.1 version works fine in compatibility mode under 4.3-R (after a little > > tweaking to get it installed). > > You can use a native version, as built from the ports tree: > > /path/to/ports/tripwire > /path/to/ports/tripwire-131 > > It works very well for many people. Reading the accompanying > documentation is worthwhile. I'm currently working on a tripwire-231 port. It compiles and runs on FreeBSD using native FreeBSD binaries. I'm about 30% complete on a FreeBSD-specific policy file. The policy file shipped with the source is RedHat-specific: Many binaries that exist on RedHat do not exist on FreeBSD and vice versa. Also many binaries on RedHat that reside in /bin, /sbin, and /lib reside in /usr/bin, /usr/sbin, and /usr/lib. I must say that I'm discovering some of the esoteric bits and pieces of both RedHat and FreeBSD in the translation process. If people want, I could shortcut the whole process by creating a generic policy file similar to the generic nature of the tripwire-131 policy file. This would give us a tripwire-231 port now and an updated tripwire-231 port with a FreeBSD-specific policy file later when I've completed building the FreeBSD policy file. If people see value in this, I will do it. Regards, Phone: (250)387-8437 Cy Schubert Fax: (250)387-5766 Team Leader, Sun/Alpha Team Internet: Cy.Schubert@osg.gov.bc.ca Open Systems Group, ITSD, ISTA Province of BC To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message