Re: [Plug] RPM vs tripwire
On Thu, 30 Sep 1999, Darxus wrote:
> On Thu, 30 Sep 1999, Son To wrote:
>
> > RPM does package verification. It compares the size, MD5 sum,
> > permissions, type, owner and group of files. Why would I use tripwire
> > instead of using RPM? What advantage does tripwire have over RPM?
>
> Customized stuff in /etc ?
Shouldn't customized stuff be in /usr/local?
>
> Also, if you're going to use RPM for this, store a copy of the rpm
> program, and everything it depends on (libraries, data files) offline, so
> that they can not be hacked -- just like you would w/ tripwire, siggen,
> and the tw.db. A hacker can't cover his tracks if they're on a floppy on
> your shelf.
>
> I've been considering doing something similar w/ debian, as daily apt-get
> dist-upgrades would mean regenerating the tripwire database every day, and
> to do so securely, I'd have to go down to single user mode. There's a
> program, I think called debsum, that at least verifies the MD5 sums of
> stuff from packages.
>
> Using rpm/debsum on your binaries & tripwire on your config files might
> work very well. Just be sure you store everything you use offline (which
> could get obnoxious if you upgrade frequently).
>
> __________________________________________________________________
> PGP fingerprint = 03 5B 9B A0 16 33 91 2F A5 77 BC EE 43 71 98 D4
> darxus@op.net / http://www.op.net/~darxus
> Join the Great Internet Mersenne Prime Search
> http://www.mersenne.org/prime.htm
_______________________________________________
Plug maillist - Plug@lists.nothinbut.net
http://lists.nothinbut.net/mail/listinfo/plug
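
The split suggested in the quoted message (package verification for binaries, a separate baseline for config files), as an added example that is not part of the original thread: it parses `rpm -Va` output and separates changed packaged files from changed config files. The sample output is constructed and the function names are hypothetical; real input should come from an rpm binary run from the offline copy the message recommends.

```python
import re

# Column order of the rpm -V attribute string (older rpm prints only the first 8).
ORDER = "SM5DLUGTP"
NAMES = {"S": "size", "M": "mode", "5": "digest", "D": "device", "L": "symlink",
         "U": "owner", "G": "group", "T": "mtime", "P": "capabilities"}
LINE = re.compile(r"^(missing|[A-Za-z0-9.?]{8,9})\s+(?:([cdglr])\s+)?(/.*)$")

# Constructed sample of `rpm -Va` output (not taken from a real host).
SAMPLE = """\
S.5....T.  c /etc/inetd.conf
.M.......    /usr/bin/passwd
S.5....T.    /bin/login
missing      /usr/sbin/tcpd
..5....T   c /etc/passwd
"""

def parse_verify(output):
    """Yield (path, is_config, changed_attributes) for each rpm -V result line."""
    for raw in output.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue  # dependency messages and other non-file lines
        status, marker, path = m.groups()
        if status == "missing":
            changed = {"missing"}
        else:
            changed = set()
            for pos, ch in enumerate(status):
                if ch == "?":      # test could not be run (e.g. unreadable file)
                    changed.add("unverified:" + NAMES[ORDER[pos]])
                elif ch != ".":
                    changed.add(NAMES.get(ch, ch))
        yield path, marker == "c", changed

def triage(output):
    """Split findings into packaged non-config files and %config files."""
    result = {"investigate": {}, "config": {}}
    for path, is_config, changed in parse_verify(output):
        if changed:
            # Config edits are expected; they need their own baseline (tripwire).
            result["config" if is_config else "investigate"][path] = changed
    return result

if __name__ == "__main__":
    for bucket, files in triage(SAMPLE).items():
        for path, changed in sorted(files.items()):
            print(bucket, path, ",".join(sorted(changed)))
```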