On Fri, Sep 10, 2004 at 11:48:31AM +0300, David Baron wrote: > Anyone using this on Debian? > > This is a file-system integrity checker, will detect hacks, intrusions, etc. I > tried it but seems to find lots of stuff that seem part of the dynamics of > the ongoing system operation, and attempts to change its "policy" are > crippled by all these items. Examples are things deleted from /proc/####/.... > numbered subfolders that seem to correspond to processes that start and end > on the system, permissions in .../.kde subdirectories which I certainly did > not touch within the lifetime of this test, INODES also touching /proc/#### > stuff.
You can configure it to avoid directories or specific files that you don't wnat monitored for changes. See the docs for Tripwire for the details of how to do so (it has been too long since I've used it for me to give any hints without checking the docs myself). As far as I remember, though, the docs were pretty decent. GC -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
