[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Tripwire port to OpenBSD 3.4

To: misc@openbsd.org
Subject: Re: Tripwire port to OpenBSD 3.4
From: Matt Provost <mprovost@termcap.net>
Date: Mon, 2 Feb 2004 21:30:07 -0800
Content-Disposition: inline
Mail-Followup-To: misc@openbsd.org
References: <000001c3ea04$765b9cb0$5a01a8c0@jb>
User-Agent: Mutt/1.5.4i

On Feb 02 10:18 PM, Justin Bramlage wrote:
> Hello,
> 
> Does anybody know if there is a port for the Tripwire security tool for
> OpenBSD 3.4?
> If not, has anybody had any luck getting the RedHat install to work?
> 
> Thanks,
> Justin

Check out `man 8 mtree`. It comes with *BSD and it is capable of doing
basically what tripwire does - it can build a database of file
specifications and checksums and compare an existing tree to that spec.

The /etc/security script uses it to compare the system binaries to a
spec in /etc/mtree/special. The man page describes ways to build a spec
and encrypt it so that it can't be tampered with.

You could also use chflags to make the /etc/mtree/special or whichever
spec you build to immutable so you can't alter it unless you change to a
different securelevel.

Matt

References:
- Tripwire port to OpenBSD 3.4
  - From: "Justin Bramlage" <jbramlage@insightbb.com>

Prev by Date: trouble with second raid set
Next by Date: benchmarking challenge
Prev by thread: Re: Tripwire port to OpenBSD 3.4
Next by thread: Re: Tripwire port to OpenBSD 3.4
Index(es):
- Date
- Thread