what to use instead of tripwire?

seth vidal skvidal at phy.duke.edu
Sun Oct 12 21:09:26 UTC 2003


> Short of physically powercycling, verifying the BIOS and device ROM
> checksums match, inspecting the hardware for modifications and trusting
> the device vendors you don't get far.
> 
> The signed tripwire database for example is worthless unless you boot
> off a trusted kernel to process it using only trusted binaries.


 https://lists.dulug.duke.edu/pipermail/yum/2003-August/001839.html

something that came up on the yum list - if you had a remote repository
of all the headers of all the packages you had put on your system it
would be almost as useful as the tripwire database in that you could
verify what was on your system and what it should look like.

It'd be just like keeping checksums of files in a remote db but you
could roughly count on what the package _should_ be based on what
versions you had on your systems.

And verification from a red hat rescue disk or the rescue cd would
certainly be possible.

-sv
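
Added example, not part of the original post: a sketch of the check described above, run from rescue media against the mounted system root using a manifest fetched from the remote copy. The manifest layout, the use of SHA-256, and the function names are assumptions made for illustration; the sample tree is constructed.

```python
import hashlib
import os
import stat
import tempfile

def sha256_file(path):
    with open(path, "rb") as f:
        return hashlib.sha256(f.read()).hexdigest()

def verify_root(manifest, root):
    """manifest: {abs path: {"sha256", "mode", "size"}}, a hypothetical layout
    assumed to be built from the remote headers. Returns sorted findings."""
    root, findings = os.path.realpath(root), []
    for path, want in manifest.items():
        rel = path.lstrip("/")  # re-root the packaged path under the mount
        parent = os.path.realpath(os.path.join(root, os.path.dirname(rel)))
        target = os.path.join(parent, os.path.basename(rel))
        if os.path.commonpath([parent, root]) != root:
            findings.append((path, "leaves root"))  # symlink out of the mount
        elif not os.path.lexists(target):
            findings.append((path, "missing"))
        elif not stat.S_ISREG(os.lstat(target).st_mode):
            findings.append((path, "not a regular file"))
        else:
            st = os.lstat(target)
            if stat.S_IMODE(st.st_mode) != want["mode"]:
                findings.append((path, "mode"))
            if st.st_size != want["size"] or sha256_file(target) != want["sha256"]:
                findings.append((path, "content"))
    return sorted(findings)

def demo():
    """Constructed sample tree: build it, verify, alter it, verify again."""
    files = {"/bin/ls": b"ls-binary", "/bin/ps": b"ps-binary", "/etc/motd": b"hello\n"}
    with tempfile.TemporaryDirectory() as root:
        manifest = {}
        for path, data in files.items():
            target = os.path.join(root, path.lstrip("/"))
            os.makedirs(os.path.dirname(target), exist_ok=True)
            with open(target, "wb") as f:
                f.write(data)
            os.chmod(target, 0o755)
            manifest[path] = {"sha256": hashlib.sha256(data).hexdigest(),
                              "mode": 0o755, "size": len(data)}
        clean = verify_root(manifest, root)
        os.chmod(os.path.join(root, "bin/ls"), 0o777)        # permissions changed
        with open(os.path.join(root, "bin/ps"), "wb") as f:  # same size, new bytes
            f.write(b"PS-BINARY")
        os.remove(os.path.join(root, "etc/motd"))            # file removed
        return clean, verify_root(manifest, root)
```

The interpreter and libraries running this come from the rescue media, so nothing on the system being checked is executed; only its files are read.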





