[1840] in linux-security and linux-alert archive

home help back first fref pref prev next nref lref last post

[linux-security] Re: Named update for RH 4.2 exploitable?

daemon@ATHENA.MIT.EDU (Greg Boehnlein)
Mon Jun 8 11:12:51 1998

Date: Mon, 8 Jun 1998 09:19:30 -0400 (EDT)
From: Greg Boehnlein <damin@nacs.net>
To: linux-security@redhat.com
In-Reply-To: <Pine.LNX.3.95.980607163438.723Y-100000@tarkin.fdt.net>
Resent-From: linux-security@redhat.com
Reply-To: linux-security@redhat.com

On Sun, 7 Jun 1998, Jon Lewis wrote:

> > Next logical question:  Has anyone worked out rpms for tripwire, COPS, etc?
> > and why aren't these necessary security applications a standard part of ALL
> > distributions?
> 
> For RedHat, tripwire would be relatively redundant.  If you keep a copy of
> your rpm database on some sort of removable, remote, or read-only media,
> you can use rpm -V to look for things that are out of sync as far as
> permissions or md5sum go.  

My only concerns with running rpm -v is that it only checks files that are
-IN- the RPM database, while Tripwire can alert you to new binaries that
have been installed.

--
      President of New Age Consulting Service, Inc.  Cleveland Ohio
           http://www.nacs.net   info@nacs.net   (216)-619-2000
         An athletic supporter of the Cleveland Linux User Group
                        http://cleveland.lug.net

-- 
----------------------------------------------------------------------
Please refer to the information about this list as well as general
information about Linux security at http://www.aoy.com/Linux/Security.
----------------------------------------------------------------------

To unsubscribe:
  mail -s unsubscribe linux-security-request@redhat.com < /dev/null


home help back first fref pref prev next nref lref last post