Darxus on Thu, 30 Sep 1999 16:26:25 -0400 (EDT)



Re: [Plug] RPM vs tripwire


On Thu, 30 Sep 1999, Son To wrote:

> RPM does package verification. It compares the size, MD5 sum,
> permissions, type, owner and group of files.  Why would I use tripwire
> instead of using RPM? What advantage does tripwire have over RPM?

Customized stuff in /etc ?

Also, if you're going to use RPM for this, store a copy of the rpm
program, and everything it depends on (libraries, data files) offline, so
that they can not be hacked -- just like you would w/ tripwire, siggen,
and the tw.db.  A hacker can't cover his tracks if they're on a floppy on
your shelf.

I've been considering doing something similar w/ debian, as daily apt-get
dist-upgrades would mean regenerating the tripwire database every day, and
to do so securely, I'd have to go down to single user mode.  There's a
program, I think called debsum, that at least verifies the MD5 sums of
stuff from packages.

Using rpm/debsum on your binaries & tripwire on your config files might
work very well.  Just be sure you store everything you use offline (which
could get obnoxious if you upgrade frequently).
 
__________________________________________________________________
PGP fingerprint = 03 5B 9B A0 16 33 91 2F  A5 77 BC EE 43 71 98 D4
            darxus@op.net / http://www.op.net/~darxus
          Join the Great Internet Mersenne Prime Search
                http://www.mersenne.org/prime.htm



_______________________________________________
Plug maillist  -  Plug@lists.nothinbut.net
http://lists.nothinbut.net/mail/listinfo/plug
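
Added example, not part of the original post: a sketch of the split suggested above (package verification for binaries, a separate baseline such as tripwire for config files), triaging the output of `rpm -Va`. The sample output is constructed, the function and report key names are hypothetical, and the result-flag layout assumed is the one current rpm releases print (`SM5DLUGTP`, with `c` marking a config file).

```python
import re

# One `rpm -V` result line: result flags (9 on current rpm, 8 on old releases),
# an optional file-attribute marker (c = config file), then the path.
LINE = re.compile(r"^(?P<flags>[SM5DLUGTP.?]{8,9}|missing)\s+"
                  r"(?:(?P<attr>[cdglr])\s+)?(?P<path>/.*)$")
FLAGS = {"S": "size", "M": "mode", "5": "digest", "D": "device",
         "L": "symlink", "U": "owner", "G": "group", "T": "mtime",
         "P": "capabilities", "?": "unchecked"}

def triage(verify_output):
    """Split `rpm -Va` output into packaged-file alerts and config drift."""
    report = {"binary_alerts": [], "config_changed": [],
              "mtime_only": [], "unparsed": []}
    for line in verify_output.splitlines():
        line = line.rstrip()
        if not line:
            continue
        m = LINE.match(line)
        if m is None:
            report["unparsed"].append(line)   # never drop what we can't parse
            continue
        flags, attr, path = m.group("flags", "attr", "path")
        failed = ({"missing"} if flags == "missing"
                  else {FLAGS[c] for c in flags if c != "."})
        entry = (path, sorted(failed))
        if attr == "c":
            # Customized config differs from the package by design, so rpm
            # cannot judge it; it needs its own offline baseline.
            report["config_changed"].append(entry)
        elif failed == {"mtime"}:
            report["mtime_only"].append(entry)
        else:
            report["binary_alerts"].append(entry)
    return report

# Constructed sample output, for illustration only.
SAMPLE = """
S.5....T.  c /etc/ssh/sshd_config
.......T.    /usr/share/doc/foo/README
S.5....T.    /bin/login
.M.......    /usr/bin/passwd
missing      /sbin/ifconfig
missing    c /etc/cron.d/example
..?......    /usr/bin/at
not an rpm verify line
"""

if __name__ == "__main__":
    for bucket, entries in triage(SAMPLE).items():
        print(bucket, entries)
```

The output is only as trustworthy as the `rpm` binary, its libraries and its database, which is why the post says to run them from offline copies.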