From owner-freebsd-security Wed May 31 19:15:17 2000 Delivered-To: freebsd-security@freebsd.org Received: from raq.tabernae.com (raq.gashalot.com [208.197.146.18]) by hub.freebsd.org (Postfix) with ESMTP id 1D70337B9CE for ; Wed, 31 May 2000 19:15:13 -0700 (PDT) (envelope-from gashalot@gashalot.com) Received: from localhost (gashalot@localhost [127.0.0.1]) by raq.tabernae.com (8.9.3/8.8.8) with ESMTP id WAA32735 for ; Wed, 31 May 2000 22:15:11 -0400 Date: Wed, 31 May 2000 22:15:08 -0400 (EDT) From: Robert Gash X-Sender: gashalot@raq.tabernae.com To: freebsd-security@freebsd.org Subject: Recommendations for alternative tripwire options Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org After reading the recent articles about the crack attempts on the community LAN I am going to go ahead and deal with the hassle of installing system file watching programs (like tripwire, etc.). However, as we are a commercial orginization, the new copies of tripwire are not free for us, and I'd like to use something in the GPL (as GPL software often works better than commercial products). I've looked around and found AIDE, which appears to be a tripwire replacement written under the GNU GPL. I have only found one mention of this on the freebsd-security list in the geocrawler archives, so I'll ask. Has anyone found any decent systems like tripwire available under the GNU GPL? I like to keep my systems pretty tight (nothing but trusted daemons [FTP, Apache, openssh] running on the machines, and we don't allow any users to log in, period.), but security from the inside can never hurt (espically with a growing staff on the inside). If you know of some software like tripwire available under the GPL (or freely available to commercial orginizations), I'd love to hear from you (and perhaps some others on the list as well). I've had no success in getting AIDE to compile on my 3.4-S box over here, I'll include the compile errors below. Thanks for any insight into this matter you may be able to provide. -Robert Gash AIDE 0.7 Compile Errors: ----------------------------------------------------- gcc -DHAVE_CONFIG_H -I. -I/root/aide/aide-0.7/src -I.. -I/usr/local/include -I/root/aide/aide-0.7/include -I/root/aide/aide-0.7 -I/root/aide/aide-0.7/src -g -O2 -c db_file.c db_file.c: In function `db_readline_file': db_file.c:215: warning: dereferencing `void *' pointer db_file.c:215: request for member `_file' in something not a structure or union gmake[3]: *** [db_file.o] Error 1 ----------------------------------------------------- -- .----------------- PGP Key: `finger gashalot@gashalot.com` -----------------. | Robert Gash | Work - gashalot@fasturl.net | | Senior Systems Administrator | Personal - gashalot@gashalot.com | | VenerNet Inc -- www.fasturl.net | http://www.gashalot.com | `---- PGP Key Fprint: 78 5D 64 D2 99 F3 D8 A0 B2 56 DF EF F2 C6 D3 DF ----' To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message