Subject: Re: Chapter 8 security
To: NetBSD Security Technical Discussion List <tech-security@NetBSD.ORG>
From: Luke Mewburn <lukem@NetBSD.org>
List: current-users
Date: 04/19/2004 10:35:21

On Sun, Apr 18, 2004 at 02:54:34PM -0400, Greg A. Woods wrote:
  | The /etc/security support of /var/backups should even be sufficient for
  | the purposes of auditing "all system changes", and even the granularity
  | can be adjusted as necessary; though perhaps a well planned and deployed
  | tripwire install (or similar scheme, e.g. with mtree) would be even
  | better.....

NetBSD 2.0 has /etc/mtree/set.*, which contains the mtree information
including permissions and SHA1 hashes for all the files in the given set.
This could easily be used as the basis for tripwire-like functionality.

Cheers,
Luke.
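
The check suggested in the message above, sketched as an added example (not code from the original post or from NetBSD). It assumes each spec entry sits on one line with octal `mode=` and hex `sha1=` keywords; the function names and the sample tree are constructed for illustration.

```python
import hashlib
import stat
import tempfile
from pathlib import Path

def parse_spec(text):
    """Map './path' to its keyword dict; blanks, comments and /set lines are skipped."""
    rows = (line.split() for line in text.splitlines())
    return {r[0]: dict(w.split("=", 1) for w in r[1:] if "=" in w)
            for r in rows if r and r[0].startswith("./")}

def sha1_of(path):
    return hashlib.sha1(Path(path).read_bytes()).hexdigest()

def verify(spec_text, root):
    """Check each type=file entry under root; return sorted (path, problem) pairs."""
    findings = []
    for path, kw in parse_spec(spec_text).items():
        if kw.get("type") != "file":
            continue
        full = Path(root, path)
        try:
            st = full.lstat()  # lstat: a symlink swapped in for a file must not pass
        except FileNotFoundError:
            findings.append((path, "missing"))
            continue
        if not stat.S_ISREG(st.st_mode):
            findings.append((path, "not a regular file"))
            continue
        if "mode" in kw and stat.S_IMODE(st.st_mode) != int(kw["mode"], 8):
            findings.append((path, "mode changed"))
        if "sha1" in kw and sha1_of(full) != kw["sha1"].lower():
            findings.append((path, "sha1 mismatch"))
    return sorted(findings)

def demo():
    """Constructed sample: record a small tree, tamper with it, verify again."""
    with tempfile.TemporaryDirectory() as root:
        bindir = Path(root, "bin")
        bindir.mkdir()
        spec = "./bin type=dir mode=0755\n"
        for name in ("cat", "ls", "sh"):
            (bindir / name).write_bytes(name.encode())
            (bindir / name).chmod(0o644)
            spec += f"./bin/{name} type=file mode=0644 sha1={sha1_of(bindir / name)}\n"
        clean = verify(spec, root)
        (bindir / "cat").write_bytes(b"tampered")  # content change
        (bindir / "ls").chmod(0o755)               # permission change
        (bindir / "sh").unlink()                   # removal
        return clean, verify(spec, root)
```

`demo()` returns the findings before and after tampering. A spec used this way is only as trustworthy as its storage, so the reference copy belongs on read-only or off-host media rather than on the system being checked.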
