Re: [vox-tech] Tripwire or equivalent

To: vox-tech@listMAPSs.lugod.org
Subject: Re: [vox-tech] Tripwire or equivalent
From: Rick Moen <MAPSrick@linuxmafia.com>
Date: Tue, 29 Jun 2004 19:27:24 -0700
Delivered-to: lugod@livepenguin.com
Delivered-to: vox-tech@livepenguin.com
In-reply-to: <5.2.1.1.0.20040629190557.0204f220@ideaworx.com>
List-archive: <http://ns1.livepenguin.com/pipermail/vox-tech>
List-help: <mailto:vox-tech-request@lists.lugod.org?subject=help>
List-id: lugod's technical discussion forum <vox-tech.lists.lugod.org>
List-post: <mailto:vox-tech@lists.lugod.org>
List-subscribe: <http://lists.lugod.org/mailman/listinfo/vox-tech>,<mailto:vox-tech-request@lists.lugod.org?subject=subscribe>
List-unsubscribe: <http://lists.lugod.org/mailman/listinfo/vox-tech>,<mailto:vox-tech-request@lists.lugod.org?subject=unsubscribe>
Mail-followup-to: vox-tech@lists.lugod.org
References: <5.2.1.1.0.20040629190557.0204f220@ideaworx.com>
Reply-to: lugod's technical discussion forum <vox-tech@lisMAPSts.lugod.org>
Sender: vox-tech-bounces@liMAPSsts.lugod.org
User-agent: Mutt/1.5.5.1+cvs20040105i

Quoting Lewis Perdue (lperdue@ideaworx.com):

> Back when our server was originally cracked, someone suggested that we look 
> at tripwire to monitor things once we had a clean install ... well, we've 
> got a clean install, but our investigation of Tripwire shows a GIANT 
> corporate Dilbert empire with layer upon layer of obfuscation and a set of 
> sticky hurdles to clear before even getting an evaluation unit ... they 
> boast of being able to monitor 2,500 servers, but Geez, folks how about 
> something for one or two servers?

There _is_ a GPLed Tripwire codebase, for whatever it's worth.  But
please also see discussion within my article, referenced below.

> Isn't there an open-source alternative for this bloatware poster child? 
> Even something that does a simple checksum kinda thing on key system and 
> .conf files would be welcome.

I mention some options inside http://linuxgazette.net/issue98/moen.html , 
which you might find interesting (or not) for other reasons, as well.

You might also want to browse available tools on some packetstorm mirror or
other, e.g., http://packetstormsecurity.nl/UNIX/IDS/ ,

-- 
Cheers,                     "All power is delightful, but absolute power
Rick Moen                    is absolutely delightful."  - Kenneth Tynan
rick@linuxmafia.com
_______________________________________________
vox-tech mailing list
vox-tech@lists.lugod.org
http://lists.lugod.org/mailman/listinfo/vox-tech

References:
- [vox-tech] Tripwire or equivalent
  - From: Lewis Perdue

Prev by Date: Re: [vox-tech] Tripwire or equivalent
Next by Date: Re: [vox-tech] Tripwire or equivalent
Previous by thread: Re: [vox-tech] Tripwire or equivalent
Next by thread: Re: [vox-tech] Tripwire or equivalent
Index(es):
- Date
- Thread

Hosting provided by:
Sunset Systems
Sunset Systems offers preconfigured Linux systems, remote system administration and custom software development.

LUGOD: Linux Users' Group of Davis
PO Box 2082, Davis, CA 95617
Contact Us

LUGOD is a 501(c)7 non-profit organization
based in Davis, California
and serving the Sacramento area.
"Linux" is a trademark of Linus Torvalds.