Date: Fri, 11 Dec 1998 09:14:32 -0300 (GMT) From: Fernando Schapachnik <fpscha@ns1.sminter.com.ar> To: jwyatt@rwsystr.RWSystems.net (James Wyatt) Cc: reese@chem.duke.edu, freebsd-security@FreeBSD.ORG Subject: Re: tripwire was Re: append-only devices for logging Message-ID: <199812111214.JAA25395@ns1.sminter.com.ar> In-Reply-To: <Pine.LNX.3.91.981210205800.4831A-100000@rwsystr.RWSystems.net> from James Wyatt at "Dec 10, 98 09:42:25 pm"
next in thread | previous in thread | raw e-mail | index | archive | help
En un mensaje anterior, James Wyatt escribió: > On Thu, 10 Dec 1998, Charles Reese wrote: > > Can tripwire be modified to compare two databases rather then one data base > > and the current files? I ask because I monitor some systems remotely and I > > would like to be able to automatically generate a tripwire database on the > > remote system, ftp it to my local site and compare it with a previously > > created database that I have stored here on read-only media. It is not > > possible for me to use read-only media on the remote machine. > > This is a *great* idea! I had set the BIOS to boot w/o floppy and written > the DB to a floppy I changed to R/O by hand. This has a limit of 1.44MB > or 2.88 MB, depending on how much you spend for a floppy drive. I guess a > zip disk would work too, but I was given a parallel zip which seems to be > unsupported on FreeBSD. 8{( Also, you can use ssyslog to send (encripted) your logs to a "safe machine". This is usefull if you are planning to protect logs from more than one box. ssyslog can be found on http://www.core-sdi.com/ssyslog Regards! Fernando P. Schapachnik Administracion de la red S&M International SA To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199812111214.JAA25395>