[rescue] SGI fw_sshd and security

Dave McGuire mcguire at neurotica.com
Mon Mar 8 11:41:39 CST 2004

On Mar 8, 2004, at 9:28 AM, Kevin wrote:
> Your Tripwire database, executable binary and tw.config file are
> supposed to be located on read only media.  An attacker could
> edit the cron process, that runs Tripwire automatically, to run a
> hacked version, but that would still fail with manual audits
> which should be done at least once a week.

   Yes, supposed to be...but who actually does that?


Dave McGuire                      "My tummy hurts now, but my soul
Cape Coral, FL                   feels a little better."     -Ed

More information about the rescue mailing list