> That is something that I hadn't considered. The cracker could potentially > unmount /var/lib/aide/ro (where I have the floppy containing the AIDE > checksums mounted) and place in that directory a newly-generated list of > checksums, which AIDE would read the next time it runs. When I got the > report in my inbox, it would look like everything is fine. IMHO, definitely > a hole that's there regardless of whether I use a RO floppy or a CD-R. > Sometimes old fashioned solutions are the best. Print your log files on an old Dot-Matrix Printer. Costs very little, attacker can't screw with them after breaking in, and you can read them in the bath :) Dan -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
- Re: MD5 sums of individual files? Josep Llauradó Selvas
- Re: MD5 sums of individual files? Tom Amm
- Re: MD5 sums of individual files? Ethan Benson
- Re: MD5 sums of individual files? William R. Ward
- Re: MD5 sums of individual files? Kenneth Pronovici
- Re: MD5 sums of individual files? Stephen Rank
- Re: MD5 sums of individual files? Ryan Golbeck
- Re: MD5 sums of individual files? Kenneth Pronovici
- RE: MD5 sums of individual files? Don Laursen
- RE: MD5 sums of individual files? Kenneth Pronovici
- Re: MD5 sums of individual files? Dan Rowles
- Re: MD5 sums of individual files? Martin Maney
- RE: MD5 sums of individual files? Pat Moffitt
- Re: MD5 sums of individual files? Dan Rowles
- Re: MD5 sums of individual files? Peter Cordes
- Re: MD5 sums of individual files? Noah L. Meyerhans
- RE: MD5 sums of individual files? Pat Moffitt
- Re: MD5 sums of individual files? Peter Cordes
- Re: MD5 sums of individual files? Kenneth Pronovici
- Re: MD5 sums of individual files? Patrick Maheral
- Re: MD5 sums of individual files? Noah L. Meyerhans