what to use instead of tripwire?t
Michael Schwendt
ms-nospam-0306 at arcor.de
Sun Oct 12 17:37:26 UTC 2003
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Sun, 12 Oct 2003 09:21:16 -0400 (EDT), Alan Cox wrote:
> > sorry, let me rephrase that. now that tripwire is not shipped
> > *automatically* with fedora, is there an alternate file integrity
> > checker covered by the GPL that would be a good replacement?
>
> For everything in RPM format you can use rpm --verify
Except that it would not cover any files which have been modified
after package installation (e.g. config files, logs, files marked
notverify) whereas the IDE's database is created for the most recent
file checksums/attributes.
Also be sure to restore a copy of the RPM database from a secure place
before verifying any packages.
Btw, AIDE suffers from the same problem as verifying files with RPM,
since its database is not password protected either [yet].
- --
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (GNU/Linux)
iD8DBQE/iZFW0iMVcrivHFQRAqHZAKCCTyyWCFIq2Nfrw7JkZyTqn6luFACggWDG
E+CBLkvB4F92mfj00jMuJak=
=J9Zp
-----END PGP SIGNATURE-----
More information about the fedora-test-list
mailing list