On Monday, 2004-02-23 at 10:42:05 +0100, Jan Lühr wrote: > well, I looking for an open source intrusion detection. At first, tripwire > caputures my attention, but the last open source version seems to be three > years old - is it still in development or badly vulnerable? > Then I searched for tripwire in the woody packages and found integrit and > bsign - so which would you prefer and why? > Are there any interesting other projekt that worth looking for?
Stable != bad, ask the Debian project :-P I'm using a combination of Tripwire and AIDE. Before I decided on that, I did a survey of intergity checkers. I didn't find bsign then, but integrit. At that time 3.00.05 was most current. It did not offer a variety of hashes, only SHA1. It offered no database integrity like Tripwire does (and seemingly AIDE now, too). In general it was one of the better tools, but not as flexible and versatile as AIDE and Tripwire. HTH, Lupe Christoph -- | [EMAIL PROTECTED] | http://www.lupe-christoph.de/ | | "Violence is the resort of the violent" Lu Tze | | "Thief of Time", Terry Pratchett |