Re: Tripwire reports many violations but no errors
From: Juha Laiho (Juha.Laiho_at_iki.fi)
Date: 05/04/04
- Next message: _at_@zzeenn..ccoo.uukk: "Re: log all activity of a special user?"
- Previous message: Mark J. Nenadov: "Re: log all activity of a special user?"
- In reply to: Anthony Campbell: "Re: Tripwire reports many violations but no errors"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Tue, 04 May 2004 16:17:03 GMT
Anthony Campbell <me@privacy.net> said:
>Thanks for this explanation, which confirms what I suspected and
>provides useful details. I do an upgrade from unstable most days which
>no doubt explains the report. I'm beginning to wonder if it is worth
>having tripwire there on a standalone system. I installed it after I had
>to reinstall my system following a compromise, but keeping it up to date
>seems to be fairly time-consuming.
It's somewhat time-consuming, but if you can restrict your updates
(_and_ check that the configuration file doesn't report unnecessary
changes), you could refresh the database manually after each update
(preferably running a check just before the update). But yes, it's
work, and I'm also considering whether running tripwire is worth
anything for me.
--
Wolf a.k.a. Juha Laiho Espoo, Finland
(GC 3.0) GIT d- s+: a C++ ULSH++++$ P++@ L+++ E- W+$@ N++ !K w !O !M V
PS(+) PE Y+ PGP(+) t- 5 !X R !tv b+ !DI D G e+ h---- r+++ y++++
"...cancel my subscription to the resurrection!" (Jim Morrison)
- Next message: _at_@zzeenn..ccoo.uukk: "Re: log all activity of a special user?"
- Previous message: Mark J. Nenadov: "Re: log all activity of a special user?"
- In reply to: Anthony Campbell: "Re: Tripwire reports many violations but no errors"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
