Re: gateway security?
From: Stephan Eckner (stephan-freebsd-security@eckner.org)
Date: 12/10/02
- Next message: Duncan Campbell: "Re: gateway security?"
- Previous message: Fernando Gleiser: "Re: (slightly OT) IPSec with dynamic IP"
- In reply to: Eric Timme: "gateway security?"
- Next in thread: Duncan Campbell: "Re: gateway security?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Tue, 10 Dec 2002 11:06:28 +0100 From: Stephan Eckner <stephan-freebsd-security@eckner.org> To: freebsd-security@freebsd.org
On Mon, Dec 09, 2002 at 01:17:15PM -0600, Eric Timme wrote:
<--snip-->
> I'm planning to deploy aide with a write protected diskette, but would like
> some advice as to other products to look into; I don't access the machine
aide works quite well. If you're looking for a more lightweight implementation,
have a look at http://integrit.sourceforge.net/ (you'll find it in the ports
as well). Don't forget to put the statically linked binary on the protected
disk as well, or, even better: put the database, the config-file and the
binary on some _other_ machine, have cron-job running on that other machine,
that rsyncs all three files and than runs the verification via ssh :)
I wrote some (very simple) shell-scripts to do that for me, if you're
intrested, send me private mail.
Hope it helps,
Stephan
-- Stephan Eckner http://www.eckner.org/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
- Next message: Duncan Campbell: "Re: gateway security?"
- Previous message: Fernando Gleiser: "Re: (slightly OT) IPSec with dynamic IP"
- In reply to: Eric Timme: "gateway security?"
- Next in thread: Duncan Campbell: "Re: gateway security?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
