Prev-20 Home Next-20 5 msg DSA/DSS keys and DSA 1576-1/CVE-2008-0166. 2 msg openssl/openssh fixes for lenny (testing) 2 msg openssl / x509 certs 2 msg leakage of keys? 2 msg dowkd.pl - how the blacklist data is generated ? 8 msg Re: [SECURITY] [DSA 1576-1] New openssh package... 4 msg dowkd.pl via Package 1 msg CHAO BAN 32 msg Re: [SECURITY] [DSA 1571-1] New openssl package... 4 msg Broken link on Debian CVE Web page (Was: [SECUR... 10 msg Re: [SECURITY] [DSA 1571-1] New openssl package... 3 msg Re: [SECURITY] [DSA 1575-1] New Linux 2.6.18 pa... 1 msg Mystery of Lyle & Louise is Making Headlines 1 msg Herr Bühler Arbeite nicht mehr bei der V-ZUG AG 5 msg Re: [SECURITY] [DSA 1573-1] New php5 packages f... 4 msg Re: [SECURITY] [DSA 1572-1] New php5 packages f... 3 msg Question about Security securing server \ Jean-Paul Lacquement (7 May 2008) . \ Yves-Alexis Perez (7 May 2008) . . \ Jean-Paul Lacquement (7 May 2008) . . . \ Abdul Bijur Vallarkodath (7 May 2008) . . . . \ Steve (7 May 2008) . . . . . \ Arture Le Coiffeur (7 May 2008) . . . . . \ Abdul Bijur Vallarkodath (7 May 2008) . . . . . . \ Steve (7 May 2008) . . . . . . \ Harry Jackson (7 May 2008) . . . . . . \ Daniel Leidert (7 May 2008) . . . . . \ Bernd Eckenfels (7 May 2008) . . . . \ Oliver Antwerpen (7 May 2008) . . . . . \ Rich Healey (13 May 2008) . \ weakish (7 May 2008) . . \ martin f krafft (7 May 2008) . \ Bernd Eckenfels (7 May 2008) . . \ Jean-Paul Lacquement (7 May 2008) . . . \ Julien Gormotte (7 May 2008) . . . \ Maik Holtkamp (8 May 2008) . \ Brent Clark (7 May 2008) . \ Holger Wesser (7 May 2008) . \ Stephen Vaughan (7 May 2008) . \ Alex Mestiashvili (7 May 2008) . . \ Alex Mestiashvili (7 May 2008) . \ Ticlea Petru Alexandru (7 May 2008) . \ Simon Brandmair (7 May 2008) . . \ martin f krafft (7 May 2008) . \ Simon Valiquette (7 May 2008) . \ Onno Gabriel (7 May 2008) . \ P PRABHU (8 May 2008) . . \ Rich Healey (13 May 2008) . \ Bjørn Mork (8 May 2008) . \ phobot (9 May 2008) . . \ Noah Meyerhans (9 May 2008) . . . \ weakish (9 May 2008) . . \ Johannes Graumann (9 May 2008) . \ Simon Brandmair (9 May 2008) 1 msg Re: [SECURITY] [DSA 1570-1] New kazehakase pack... 2 msg Re: [SECURITY] [DSA 1569-1] New cacti packages ... Prev-20 Home Next-20

Prev-Msg Prev-Thread Debian-security May-2008 Next-Thread Next-Msg Subject: Re: securing server Group: Debian-security From: Noah Meyerhans Date: 9 May 2008 On Fri, May 09, 2008 at 05:54:40AM -0700, phobot wrote: > On May 7, 1:10 pm, martin f krafft <madd...> wrote: > > > use integrit/aide/tripwire > > > > only useful with read-only media > > OK, I don't get it if the media is read-only none can alter it so you > don't really need tripwire. > But if the media is writable so changes can be made you need to run > tripwire to check your files. > Where am I wrong? What madduck is saying is that tools like tripwire are only useful if you store their databases on read-only media. Otherwise the same attacker who compromised your system could modify the database to cover their tracks. At least tripwire has the ability to encrypt its database, which helps to mitigate this problem. The claim that tripwire is only useful with read-only media is too strong; it can be quite useful without it. noah Prev-Msg Prev-Thread Debian-security May-2008 Next-Thread Next-Msg

© 2004-2008 readlist.com