On Friday 10 September 2004 03:48, David Baron wrote: > Anyone using this on Debian? > > This is a file-system integrity checker, will detect hacks, intrusions, > etc. I tried it but seems to find lots of stuff that seem part of the > dynamics of the ongoing system operation, and attempts to change its > "policy" are crippled by all these items. Examples are things deleted from > /proc/####/.... numbered subfolders that seem to correspond to processes > that start and end on the system, permissions in .../.kde subdirectories > which I certainly did not touch within the lifetime of this test, INODES > also touching /proc/#### stuff.
Welcome to tripwire. It really is mostly useless except on public systems that you never mess with, but are very worried about. You can tweak the settings in /etc/tripwire though, to get it to be at least somewhat useful. Debian gives a good start for a configuration file for it. -- _ _ _ _ _ _ _ _ _ _ _ _ _ / \ / \ / \ / \ / \ / \ / \ / \ / \ / \ / \ / \ / \ ( t | i | m | @ | i | t | . | k | p | t | . | c | c ) \_/ \_/ \_/ \_/ \_/ \_/ \_/ \_/ \_/ \_/ \_/ \_/ \_/ GPG key fingerprint = 1DEE CD9B 4808 F608 FBBF DC21 2807 D7D3 09CA 85BF -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
