From owner-freebsd-security Thu Apr 19 20:29:53 2001 Delivered-To: freebsd-security@freebsd.org Received: from mail.wlcg.com (mail.wlcg.com [207.226.17.4]) by hub.freebsd.org (Postfix) with ESMTP id E17B537B422 for ; Thu, 19 Apr 2001 20:29:47 -0700 (PDT) (envelope-from rsimmons@wlcg.com) Received: from localhost (rsimmons@localhost) by mail.wlcg.com (8.11.3/8.11.3) with ESMTP id f3K3TVN86078; Thu, 19 Apr 2001 23:29:32 -0400 (EDT) (envelope-from rsimmons@wlcg.com) Date: Thu, 19 Apr 2001 23:29:27 -0400 (EDT) From: Rob Simmons To: Andy Farkas Cc: Jason DiCioccio , Emre Bastuz , Subject: Re: Tripwire or the like for FreeBSD ? In-Reply-To: Message-ID: <20010419232353.R85568-100000@mail.wlcg.com> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=ISO-8859-1 Content-Transfer-Encoding: QUOTED-PRINTABLE Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org -----BEGIN PGP SIGNED MESSAGE----- Hash: RIPEMD160 Is there a reason to use md5, sha1, and ripemd160 together? I would think ripemd160digest alone would be sufficient. Also, burning the output of that to a CD is a pretty good way to prevent tampering. Robert Simmons Systems Administrator http://www.wlcg.com/ On Fri, 20 Apr 2001, Andy Farkas wrote: > > Search the -security mailing list for "alternative tripwire options" and > you'll find a message by Garrett Wollman that says: > > > In any event, try (in 5-current and 4-stable): > > > > =09# mtree -ciK md5digest,sha1digest,ripemd160digest -p / \ > > =09> >my.file.list > > > > To check, use: > > > > =09# mtree -p / my.file.list > > > > You will probably find a significant number of files which are > > expected to change; you'll want to list these in a separate file and > > regenerate the list using the `-X' option. (You'll then also want to > > check the list using the same option.) At some point, I'll try to > > come up with a list which could serve as a starting point. > > > On Thu, 19 Apr 2001, Rob Simmons wrote: > > > Please do :) > > > > http://www.freebsd.org/doc/en_US.ISO_8859-1/books/handbook/contrib.html= #CONTRIB-WHAT > > > > See #6 in High priority tasks. > > > > Robert Simmons > > Systems Administrator > > http://www.wlcg.com/ > > > > On Thu, 19 Apr 2001, Jason DiCioccio wrote: > > > > > couldn't you could easily hack something up using mtree? > > > ----- Original Message ----- > > > From: "Emre Bastuz" > > > To: > > > Sent: Thursday, April 19, 2001 12:30 PM > > > Subject: Tripwire or the like for FreeBSD ? > > > > > > > > > > Hi, > > > > > > > > I was just wondering if there is Tripwire for FreeBSD or some decen= t tool > > > > that has similar/better functionality ? > > > > > > > > The Tripwire homepage seems to bee pretty commercial and lacks a BS= D > > > > version (they seem to be focused on Linux). > > > > > > > > I found something called "Aide" in the ports directory, but to be h= onest - > > > > I don=B4t trust a "Version 0.7" when it comes to security. > > > > > > > > Does anyone know any alternative ? > > > > > > > > Regards, > > > > > > > > Emre > > > > > > > > -- > > > > Emre Bastuz > > > > info@emre.de http://www.emre.de > > > > UIN: 561260 PGP Key ID: 0xAFAC77FD > > > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > > > with "unsubscribe freebsd-security" in the body of the message > > > > > > > > > > > > > > > > -----BEGIN PGP SIGNATURE----- > > Version: GnuPG v1.0.4 (FreeBSD) > > Comment: For info see http://www.gnupg.org > > > > iD8DBQE636fov8Bofna59hYRA3fnAKDBzE+dCxBb6ZZc0rRyLSF7E0ISCQCghL23 > > wQIM9wTnvZQPigab/oZYpZI=3D > > =3DlQWF > > -----END PGP SIGNATURE----- > > > > > > -- > > :{ andyf@speednet.com.au > > Andy Farkas > System Administrator > Speednet Communications > http://www.speednet.com.au/ > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message > -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4 (FreeBSD) Comment: For info see http://www.gnupg.org iD8DBQE6360bv8Bofna59hYRAxraAJ4rfOczD5fDvOi4nqUFvA/TpP49RgCeLhQM tvlbZM+AMyY0bdyRwhiALIY=3D =3DUbCU -----END PGP SIGNATURE----- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message