[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Tripwire port to OpenBSD 3.4
On Feb 02 10:18 PM, Justin Bramlage wrote:
> Does anybody know if there is a port for the Tripwire security tool for
> OpenBSD 3.4?
> If not, has anybody had any luck getting the RedHat install to work?
Check out `man 8 mtree`. It comes with *BSD and it is capable of doing
basically what tripwire does - it can build a database of file
specifications and checksums and compare an existing tree to that spec.
The /etc/security script uses it to compare the system binaries to a
spec in /etc/mtree/special. The man page describes ways to build a spec
and encrypt it so that it can't be tampered with.
You could also use chflags to make the /etc/mtree/special or whichever
spec you build to immutable so you can't alter it unless you change to a