pinkee on Sun, 2 Jun 2002 13:58:18 -0400
On Thu, May 30, 2002 at 03:06:03AM -0400, gabriel rosenkoetter wrote:
> On Thu, May 30, 2002 at 12:05:30AM -0400, Jason Costomiris wrote:
> > tripwire != wasteful.
> >
> > Is there the slightest chance that this machine will ever have contact
> > with the Internet? There's always a chance of compromise.
>
> Tripwire's basically useless if you don't use it right, and most
> people don't. The statically-linked binaries and databases *must*
> live on removable--not just unmounted, that's no help--media, and
> you *must* verify regularly using this removable media. Any clueful
> attacker will clear an on-disk Tripwire database in such a way that
> you'll never know, and anyone not clued enough to notice Tripwire's
> installed will leave traces you won't need Tripwire to notice.

I agree with Gabriel here. Tripwire is pretty much what the name implies. It does nothing to *prevent* intrusions, and may or may not help detect them after the fact. Just because you touch the internet doesn't mean you need to be a security guru; close unnecessary ports and use common sense. Truly sensitive data should be chrooted, or kept on other media.

$.02

pinkee

--
www.cavegirl.org
www.mydarlingchild.com

"Even old New York was once New Amsterdam. Why they changed it, I can't say. People just liked it better that way. ... Why did Constantinople get the works? That's nobody's business but the Turks."
They Might Be Giants
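Added example, not part of the original thread and not Tripwire's own code: a small hash-baseline checker showing why the quoted advice insists on a baseline kept off the host. The file names (`sbin/login`, `baseline.db`, `removable.db`) and the tampering scenario are constructed, and the "removable" copy is simulated by a second file that the constructed compromise does not rewrite.

```python
import hashlib
import os
import tempfile


def snapshot(root):
    """Map each file's path (relative to root) to the SHA-256 of its contents."""
    digests = {}
    for dirpath, _dirs, names in os.walk(root):
        for name in names:
            path = os.path.join(dirpath, name)
            with open(path, "rb") as fh:
                digests[os.path.relpath(path, root)] = hashlib.sha256(fh.read()).hexdigest()
    return digests


def write_baseline(digests, path):
    """Store the snapshot as 'digest  relative/path' lines."""
    with open(path, "w") as fh:
        for rel, digest in sorted(digests.items()):
            fh.write(f"{digest}  {rel}\n")


def read_baseline(path):
    with open(path) as fh:
        pairs = (line.rstrip("\n").split("  ", 1) for line in fh if line.strip())
        return {rel: digest for digest, rel in pairs}


def verify(root, baseline_path):
    """Return sorted paths changed, added or removed since the baseline."""
    old, new = read_baseline(baseline_path), snapshot(root)
    return sorted(p for p in old.keys() | new.keys() if old.get(p) != new.get(p))


def demo():
    """Constructed scenario: compare an on-disk baseline with an offline copy."""
    with tempfile.TemporaryDirectory() as tmp:
        root = os.path.join(tmp, "sbin")
        os.mkdir(root)
        target = os.path.join(root, "login")
        with open(target, "wb") as fh:
            fh.write(b"original binary")
        on_disk = os.path.join(tmp, "baseline.db")   # lives on the monitored host
        offline = os.path.join(tmp, "removable.db")  # stands in for removable media
        for db in (on_disk, offline):
            write_baseline(snapshot(root), db)
        with open(target, "wb") as fh:                # file is replaced ...
            fh.write(b"modified binary")
        write_baseline(snapshot(root), on_disk)       # ... and the on-disk baseline regenerated
        return verify(root, on_disk), verify(root, offline)
```

`demo()` returns one list per baseline: the check against the on-disk database reports nothing, while the check against the untouched copy reports `login`.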