From: erik <email@example.com>
Date: Sun, 20 Apr 2003 21:17:35 +0200
Bit Twister wrote:
> On Sun, 20 Apr 2003 20:19:52 +0200, erik wrote:
>> That's why things like were invented.
> I am sorry, I cannot understand what the hell you are trying to say.
tripwire, aide. Sorry.
>> Keeping a separate install mirror
>> is not helping you in any way since it does not show you how the
>> cracker came to his installation.
> I never indicated that it would. The only thing it is good for
> is to be able to see what was changed and what was added and
> prove that the box has not been cracked.
And for that you do not need more than tripwire or aide. Even an md5sum
Remove the obvious part (including the dot) for my email address
- Re: error.log entry
... Aide look like a better choice than Tripwire, I did find it in the ... repository, but I gonna take a look at it on the home site first. ... or for something which the cracker cannot see to disable there's ...
- Whats the better choice? aide or tripwire?
... Package: aide ... Description: Advanced Intrusion Detection Environment ... Package: tripwire ...
- Re: Rooted
... > you cannot use md5sum on a directory to see what was added. ... > As for tripwire, now your talking about a system monitoring itself. ... there is no such thing as a "good cracker". ...
- Re: Rooted
... >> And for that you do not need more than tripwire or aide. ... > you cannot use md5sum on a directory to see what was added. ... > As for tripwire, now your talking about a system monitoring itself. ... Echo _every_ command to a secure loghost. ...
- Re: Internet appliance?
... I may be a bit overworried, but I think something like Tripwire or AIDE ... To check your machine for rootkit attacks you may like to install ...