Re: ?hack cause?

From: tps@unslept.com
Date: 03/30/02


Date: Sat, 30 Mar 2002 17:27:20 -0500
To: "Eric P. Forgette" <epforgette@overnite.com>
From: tps@unslept.com

On Thu, Mar 28, 2002 at 08:09:06AM -0500, Eric P. Forgette wrote:
> > Even if you don't run tripwire you can do a basic tripwite
> > test against another machine.
>
> tripwire is a wonderful thing, but if the budget doesn't allow (tripwire
> is no longer free) check out fcheck. If you're a perl hack, you'll love
> this. While sum will work, I suggest grabbing md5 (binary package at
> sunfreeware) for your checksums.
>
> http://www.geocities.com/fcheck2000/fcheck.html

Another file integrity checker is AIDE. Very nice, faster than tripwire.
If you want the top end of Open Source tools like this, look at Samhain.
It's still what I consider 'beta', but it's great, providing near-time
checking of files, signed messages, and remote central logging, amoung
other things.

Tim

-- 
  
   >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>><<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<
   >> Tim Sailer (at home)             ><  Coastal Internet,Inc.           <<
   >> Network and Systems Operations   ><  PO Box 671                      <<
   >> http://www.buoy.com              ><  Ridge, NY 11961                 <<
   >> tps@unslept.com/tps@buoy.com     ><  (631)924-3728  (888) 924-3728   <<
   >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>><<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<



Relevant Pages

  • Re: Tripwire vs. other file integrity checkers
    ... boxes, but now I want to know if there is any file integrity checker ... package better than Tripwire, ...
    (Debian-User)
  • re: monitoring file changes
    ... although i didn't check out tripwire, ... file integrity checker sounds just great! ... with regards, ...
    (Security-Basics)
  • Re: being hacked?
    ... - AIDE or Tripwire will maintain a list of checksums of binary files and ... libraries - so you can tell if anything's changed ...
    (Debian-User)
  • Re: MD5 checksum
    ... >What if subfolder has another sub-subfolder? ... You'll get checksums for the files and errors about ... As another poster said, use tripwire, or you can use find ...
    (RedHat)
  • Re: ?hack cause?
    ... >> Even if you don't run tripwire you can do a basic tripwite ... > tripwire is a wonderful thing, but if the budget doesn't allow (tripwire ... > is no longer free) check out fcheck. ... And there is always the old academic source release. ...
    (Focus-SUN)