Tripwire, Radmind, Others?
Scott Ruckh
sruckh at gemneye.org
Fri Jan 11 14:59:38 UTC 2008
----- Original Message -----
From: "David Tonhofer" <redhatter at m-plify.net>
To: "General Red Hat Linux discussion list" <redhat-list at redhat.com>
Sent: Friday, January 11, 2008 7:08 AM
Subject: Tripwire, Radmind, Others?
> Hello sysadmins,
>
> In order to lock down my little system I wanted to invest some time/money
> into a program to keeps a
> snapshot of the state of the filesystem, i.e. file names, file attributes
> and hashes.
>
> I have used "Tripwire" in the 90's and early 00's with some good results
> (but had some problems with
> its configuration) but then abandoned it as it was no longer packaged with
> Red Hat above 8 I think (?).
>
> Anyway, I wanted to look at "radmind" - does anyone have any particular
> notable points on it? Are
> these filesystem-synapshot approaches still current or are there new
> approaches (an enforcing SELinux
> or kernel modules collecting information at runtime come to mind).
>
> Best regards,
>
> -- David
You might take a look at:
http://www.la-samhna.de/samhain/
It can be used as a central file integrity system. It has three components
including a web front-end.
More information about the redhat-list
mailing list