Skip site navigation (1)Skip section navigation (2) 
Date:      Fri, 15 Jun 2001 07:45:12 -0700
From:      Cy Schubert - ITSD Open Systems Group <Cy.Schubert@uumail.gov.bc.ca>
Cc:        freebsd-security@FreeBSD.ORG
Subject:   Re: tripwire 
Message-ID:  <200106151445.f5FEjP900945@cwsys.cwsent.com>
In-Reply-To: Your message of "Wed, 13 Jun 2001 10:14:16 CDT." <NEBBJFPJOMGCGNBMJMCHIEEGCEAA.nospam@hiltonbsd.com>
next in thread | previous in thread | raw e-mail | index | archive | help 
In message <NEBBJFPJOMGCGNBMJMCHIEEGCEAA.nospam@hiltonbsd.com>, 
"Stephen Hilton
" writes:
> Dear Mr. Schubert
> 
> Regarding your post about the tripwire port, I think this is a good idea
> in that some feedback could be obtained regarding the policy file setup.
> 
> I have been using aide 0.7 on my systems and was interested if the "list"
> thinks this is a "solid" enough solution for integrity checking?  I am aware
> that aide is a memory hog, but the systems I administer are used primarily
> during business hours, so aide can be run at night without user performance
> impact.
> 
> Thanks for all your FreeBSD and IPFilter support,
> 
> Sincerely,
> 
> Stephen Hilton
> nospam@hiltonbsd.com
> 

Thank you for your kind words.  Sorry for the late reply.  I've fallen 
behind on reading my security & FreeBSD mailing lists mailbox, over 400 
emails.  Just not enough time in the day any more.  :(

I've used both Tripwire and Aide, and I maintain the FreeBSD 
tripwire-131 and aide ports.  My preference so far has been Tripwire 
because of its interactive option.  Other than that and taking into 
account some what I might consider relatively minor differences when 
viewed at from the 35,000 ft. level, the two packages are quite similar 
in function.

Version 1 of Tripwire, especially 1.2, does not manage its memory all 
that well either.  The folks at Tripwiresecurity have told me that 
version 2 greatly improves its memory management allowing one to 
monitor greater numbers of files.  I've hit the wall, so to speak, with 
number of files monitored by Tripwire-1.3.1.  The Tripwire-2.3.1 port, 
once complete, should resolve that issue for me.


Regards,                         Phone:  (250)387-8437
Cy Schubert                        Fax:  (250)387-5766
Team Leader, Sun/Alpha Team   Internet:  Cy.Schubert@osg.gov.bc.ca
Open Systems Group, ITSD, ISTA
Province of BC




To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200106151445.f5FEjP900945>