Date: Thu, 19 Apr 2001 23:29:27 -0400 (EDT) From: Rob Simmons <rsimmons@wlcg.com> To: Andy Farkas <andyf@speednet.com.au> Cc: Jason DiCioccio <geniusj@bluenugget.net>, Emre Bastuz <info@emre.de>, <freebsd-security@FreeBSD.ORG> Subject: Re: Tripwire or the like for FreeBSD ? Message-ID: <20010419232353.R85568-100000@mail.wlcg.com> In-Reply-To: <Pine.BSF.4.33.0104201312460.14592-100000@backup.af.speednet.com.au>
next in thread | previous in thread | raw e-mail | index | archive | help
-----BEGIN PGP SIGNED MESSAGE----- Hash: RIPEMD160 Is there a reason to use md5, sha1, and ripemd160 together? I would think ripemd160digest alone would be sufficient. Also, burning the output of that to a CD is a pretty good way to prevent tampering. Robert Simmons Systems Administrator http://www.wlcg.com/ On Fri, 20 Apr 2001, Andy Farkas wrote: > > Search the -security mailing list for "alternative tripwire options" and > you'll find a message by Garrett Wollman that says: > > > In any event, try (in 5-current and 4-stable): > > > > # mtree -ciK md5digest,sha1digest,ripemd160digest -p / \ > > > >my.file.list > > > > To check, use: > > > > # mtree -p / my.file.list > > > > You will probably find a significant number of files which are > > expected to change; you'll want to list these in a separate file and > > regenerate the list using the `-X' option. (You'll then also want to > > check the list using the same option.) At some point, I'll try to > > come up with a list which could serve as a starting point. > > > On Thu, 19 Apr 2001, Rob Simmons wrote: > > > Please do :) > > > > http://www.freebsd.org/doc/en_US.ISO_8859-1/books/handbook/contrib.html#CONTRIB-WHAT > > > > See #6 in High priority tasks. > > > > Robert Simmons > > Systems Administrator > > http://www.wlcg.com/ > > > > On Thu, 19 Apr 2001, Jason DiCioccio wrote: > > > > > couldn't you could easily hack something up using mtree? > > > ----- Original Message ----- > > > From: "Emre Bastuz" <info@emre.de> > > > To: <freebsd-security@freebsd.org> > > > Sent: Thursday, April 19, 2001 12:30 PM > > > Subject: Tripwire or the like for FreeBSD ? > > > > > > > > > > Hi, > > > > > > > > I was just wondering if there is Tripwire for FreeBSD or some decent tool > > > > that has similar/better functionality ? > > > > > > > > The Tripwire homepage seems to bee pretty commercial and lacks a BSD > > > > version (they seem to be focused on Linux). > > > > > > > > I found something called "Aide" in the ports directory, but to be honest - > > > > I donīt trust a "Version 0.7" when it comes to security. > > > > > > > > Does anyone know any alternative ? > > > > > > > > Regards, > > > > > > > > Emre > > > > > > > > -- > > > > Emre Bastuz > > > > info@emre.de http://www.emre.de > > > > UIN: 561260 PGP Key ID: 0xAFAC77FD > > > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > > > with "unsubscribe freebsd-security" in the body of the message > > > > > > > > > > > > > > > > -----BEGIN PGP SIGNATURE----- > > Version: GnuPG v1.0.4 (FreeBSD) > > Comment: For info see http://www.gnupg.org > > > > iD8DBQE636fov8Bofna59hYRA3fnAKDBzE+dCxBb6ZZc0rRyLSF7E0ISCQCghL23 > > wQIM9wTnvZQPigab/oZYpZI= > > =lQWF > > -----END PGP SIGNATURE----- > > > > > > -- > > :{ andyf@speednet.com.au > > Andy Farkas > System Administrator > Speednet Communications > http://www.speednet.com.au/ > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message > -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4 (FreeBSD) Comment: For info see http://www.gnupg.org iD8DBQE6360bv8Bofna59hYRAxraAJ4rfOczD5fDvOi4nqUFvA/TpP49RgCeLhQM tvlbZM+AMyY0bdyRwhiALIY= =UbCU -----END PGP SIGNATURE----- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010419232353.R85568-100000>