[email protected] wrote:
On Mon, 03 Jul 2006 19:00:38 EDT, Bill Davidsen said:
[email protected] wrote:
There's other issues as well. Why do people run 'tripwire' on boxes that
have RAID on them?
What has RAID got to do with detecting hacking?
Actually, I've had tripwire detect more *accidental* changes due to buggy
software than I have had it detect actual hacking. Oh, and it's good at
catching unintended config changes - I started using tripwire after I
fat-fingered a script, and the machine backed up to /dev/null instead of
/dev/rmt0.
But it ran faster, right? ;-)
In fact, I've never actually had tripwire detect actual hacking.
I was using hacking in the general sense, I have a spiffy quote around
about being in more danger from incompetence than malice. Patches with
side effects, changes which work but reset directory permissions and/or
ownership... I think it was Pogo who said "we have met the enemy and he
is us."
--
bill davidsen <[email protected]>
CTO TMR Associates, Inc
Doing interesting things with small computers since 1979
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
[Index of Archives]
[Kernel Newbies]
[Netfilter]
[Bugtraq]
[Photo]
[Stuff]
[Gimp]
[Yosemite News]
[MIPS Linux]
[ARM Linux]
[Linux Security]
[Linux RAID]
[Video 4 Linux]
[Linux for the blind]
[Linux Resources]
