Date: Wed, 14 Jan 2004 19:09:31 +0100 From: "Jesper Louis Andersen" <jlouis@mongers.org> To: D J Hawkey Jr <hawkeyd@visi.com> Cc: security at FreeBSD <freebsd-security@freebsd.org> Subject: Re: mtree vs tripwire Message-ID: <20040114180931.GA17074@miracle.mongers.org> In-Reply-To: <20040114134215.GA21307@sheol.localdomain> References: <20040114134215.GA21307@sheol.localdomain>
next in thread | previous in thread | raw e-mail | index | archive | help
Quoting D J Hawkey Jr (hawkeyd@visi.com): > This might seem really naive, but can mtree be used effectively as > a native-to-core-OS tripwire equivalent? Would it be as efficient in > terms of time-to-run and resource requirements? > > What sort of pitfalls should I be aware of? Yes, it can: Pro: distributed with base Con: Only available for *BSD architectures as far as my knowledge goes. What it means is that if you want to cryptographically hash a Linux-box tripwire might be better to use because you would get a common interface across your platforms. On the other hand, last time I looked tripwire was a magnificient piece of bloat. -- j.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20040114180931.GA17074>