Re: securing server

2008-05-09 Thread Simon Brandmair
On Thu, 08 May 2008 08:40:12 +0200 Bjørn Mork wrote:
> martin f krafft <[EMAIL PROTECTED]> writes:
>> also sprach Simon Brandmair <[EMAIL PROTECTED]> [2008.05.07.2020 +0100]:
>>> > no security benefit
>>>
>>> Just wondering: Why not?
>>
>> http://www.bpfh.net/simes/computing/chroot-break.html
>

Re: securing server

2008-05-09 Thread Johannes Graumann
The database should be on read-only media - I assume that was meant ... try samhain in combination with gnupg for a remedy ...

Joh

On Friday 09 May 2008 14:54:40 phobot wrote:
> On May 7, 1:10 pm, martin f krafft <[EMAIL PROTECTED]> wrote:
> > > use integrit/aide/tripwire
> >
> > only useful wit

Re: securing server

2008-05-09 Thread weakish
On Fri, 2008-05-09 at 09:24 -0400, Noah Meyerhans wrote: > > At least tripwire has the ability to encrypt its database, which helps > to mitigate this problem. The claim that tripwire is only useful with > read-only media is too strong; it can be quite useful without it. > And you can sign yo

Re: securing server

2008-05-09 Thread Noah Meyerhans
On Fri, May 09, 2008 at 05:54:40AM -0700, phobot wrote:
> On May 7, 1:10 pm, martin f krafft <[EMAIL PROTECTED]> wrote:
> > > use integrit/aide/tripwire
> >
> > only useful with read-only media
>
> OK, I don't get it if the media is read-only none can alter it so you
> don't really need tripwire.

Re: securing server

2008-05-09 Thread phobot
On May 7, 1:10 pm, martin f krafft <[EMAIL PROTECTED]> wrote:
> > use integrit/aide/tripwire
>
> only useful with read-only media

OK, I don't get it if the media is read-only none can alter it so you don't really need tripwire. But if the media is writable so changes can be made you need to run tr