Date: Fri, 11 Dec 1998 09:14:32 -0300 (GMT) From: Fernando Schapachnik <fpscha@ns1.sminter.com.ar> To: jwyatt@rwsystr.RWSystems.net (James Wyatt) Cc: reese@chem.duke.edu, freebsd-security@FreeBSD.ORG Subject: Re: tripwire was Re: append-only devices for logging Message-ID: <199812111214.JAA25395@ns1.sminter.com.ar> In-Reply-To: <Pine.LNX.3.91.981210205800.4831A-100000@rwsystr.RWSystems.net> from James Wyatt at "Dec 10, 98 09:42:25 pm"
next in thread | previous in thread | raw e-mail | index | archive | help
En un mensaje anterior, James Wyatt escribió:
> On Thu, 10 Dec 1998, Charles Reese wrote:
> > Can tripwire be modified to compare two databases rather then one data base
> > and the current files? I ask because I monitor some systems remotely and I
> > would like to be able to automatically generate a tripwire database on the
> > remote system, ftp it to my local site and compare it with a previously
> > created database that I have stored here on read-only media. It is not
> > possible for me to use read-only media on the remote machine.
>
> This is a *great* idea! I had set the BIOS to boot w/o floppy and written
> the DB to a floppy I changed to R/O by hand. This has a limit of 1.44MB
> or 2.88 MB, depending on how much you spend for a floppy drive. I guess a
> zip disk would work too, but I was given a parallel zip which seems to be
> unsupported on FreeBSD. 8{(
Also, you can use ssyslog to send (encripted) your logs to a "safe
machine". This is usefull if you are planning to protect logs from more
than one box.
ssyslog can be found on http://www.core-sdi.com/ssyslog
Regards!
Fernando P. Schapachnik
Administracion de la red
S&M International SA
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199812111214.JAA25395>