[rescue] SGI fw_sshd and security
mcguire at neurotica.com
Mon Mar 8 11:41:39 CST 2004
On Mar 8, 2004, at 9:28 AM, Kevin wrote:
> Your Tripwire database, executable binary and tw.config file are
> supposed to be located on read only media. An attacker could
> edit the cron process, that runs Tripwire automatically, to run a
> hacked version, but that would still fail with manual audits
> which should be done at least once a week.
Yes, supposed to be...but who actually does that?
Dave McGuire "My tummy hurts now, but my soul
Cape Coral, FL feels a little better." -Ed
More information about the rescue