From owner-freebsd-security@FreeBSD.ORG  Wed Jan 14 10:22:05 2004
Return-Path: <owner-freebsd-security@FreeBSD.ORG>
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 33AE216A4CE
	for <freebsd-security@freebsd.org>;
	Wed, 14 Jan 2004 10:22:05 -0800 (PST)
Received: from conn.mc.mpls.visi.com (conn.mc.mpls.visi.com [208.42.156.2])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 6EBCE43D31
	for <freebsd-security@freebsd.org>;
	Wed, 14 Jan 2004 10:22:02 -0800 (PST)
	(envelope-from hawkeyd@visi.com)
Received: from sheol.localdomain (hawkeyd-fw.dsl.visi.com [208.42.101.193])
	by conn.mc.mpls.visi.com (Postfix) with ESMTP
	id EB2AA893D; Wed, 14 Jan 2004 12:21:54 -0600 (CST)
Received: (from hawkeyd@localhost)
	by sheol.localdomain (8.11.6p2/8.11.6) id i0EILsK22465;
	Wed, 14 Jan 2004 12:21:54 -0600 (CST)
	(envelope-from hawkeyd)
X-Spam-Policy: http://www.visi.com/~hawkeyd/index.html#mail
Date: Wed, 14 Jan 2004 12:21:54 -0600
From: D J Hawkey Jr <hawkeyd@visi.com>
To: Jesper Louis Andersen <jlouis@mongers.org>
Message-ID: <20040114182154.GA22444@sheol.localdomain>
References: <20040114134215.GA21307@sheol.localdomain>
	<20040114180931.GA17074@miracle.mongers.org>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <20040114180931.GA17074@miracle.mongers.org>
User-Agent: Mutt/1.4.1i
cc: security at FreeBSD <freebsd-security@freebsd.org>
Subject: Re: mtree vs tripwire
X-BeenThere: freebsd-security@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
Reply-To: hawkeyd@visi.com
List-Id: Security issues [members-only posting]
	<freebsd-security.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>,
	<mailto:freebsd-security-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-security>
List-Post: <mailto:freebsd-security@freebsd.org>
List-Help: <mailto:freebsd-security-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>,
	<mailto:freebsd-security-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 14 Jan 2004 18:22:05 -0000

On Jan 14, at 07:09 PM, Jesper Louis Andersen wrote:
> 
> > This might seem really naive, but can mtree be used effectively as
> > a native-to-core-OS tripwire equivalent? Would it be as efficient in
> > terms of time-to-run and resource requirements?
> 
> Pro: distributed with base
> Con: Only available for *BSD architectures as far as my knowledge goes.

I'm aware of both, yes; hence my question. FreeBSD is all I'm dealing
with, where my question is concerned.

Is your reply from personal experience, or is it the same "Hey, it
could..." as is my question? If the former, would you elaborate on the
implementation details?

Thanks,
Dave

-- 
  ______________________                         ______________________
  \__________________   \    D. J. HAWKEY JR.   /   __________________/
     \________________/\     hawkeyd@visi.com    /\________________/
                      http://www.visi.com/~hawkeyd/