I'm wondering if the tripwire database is small enough to fit on a floppy.
I was thinking about putting one on a physically locked floppy (so no
enterprising cracker could also recreate the tripwire database AFTER
modifying the files).
Is there any reason why this wouldn't be necessary?
Eric
> -----Original Message-----
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED]]On Behalf Of Hal Burgiss
> Sent: Tuesday, September 12, 2000 8:33 AM
> To: [EMAIL PROTECTED]
> Subject: Re: highly suspicious line in inetd.conf
>
>
> On Tue, Sep 12, 2000 at 09:54:30AM -0500, Jonathan Wilson wrote:
> > I was just thinking. I know there's trip wire and stuff. but it
> would be
> > neat to have cron run a script, that did md5sum "checks" on
> various things,
> > and mailed you, if the sum changed on anything that's in it's
> list. Anyone
> > have anything like that? I know practicly nothing about
> scripting, but how
> > hard would that be to write? Seems like it would go something
> like this:
> >
> > For every file in /etc/this_script's.conf, do "$file /path/to/md5sum" >
> > /var/log/today's_copy. and diff /var/log/today's_copy against
> > /var/log/yesterday's_copy, if today's_copy != yesterday's_copy,
> mail root
> >
> > OTH maybe I'm just silly ;-)
>
> This is pretty much what tripwire does, but it checks more than
> md5sum. You can config it for any list of files you want. If
> everything is OK, there is no output. If run from cron, and there are
> discrepancies, then root (or whoever) gets mailed the cron output.
>
> --
> Hal B
> [EMAIL PROTECTED]
> [EMAIL PROTECTED]
> --
>
>
>
> _______________________________________________
> Redhat-list mailing list
> [EMAIL PROTECTED]
> https://listman.redhat.com/mailman/listinfo/redhat-list
>
_______________________________________________
Redhat-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list
