[rescue] SGI fw_sshd and security
kevin at mpcf.com
Mon Mar 8 17:02:28 CST 2004
I do it for all servers whose config doesn't change within six
months. For us, that's most of them.
On Mon, 8 Mar 2004 12:41:39 -0500
Dave McGuire <mcguire at neurotica.com> wrote:
> On Mar 8, 2004, at 9:28 AM, Kevin wrote:
> > Your Tripwire database, executable binary and tw.config file
> > are supposed to be located on read only media. An attacker
> > could edit the cron process, that runs Tripwire
> > automatically, to run a hacked version, but that would still
> > fail with manual audits which should be done at least once a
> > week.
> Yes, supposed to be...but who actually does that?
> Dave McGuire "My tummy hurts now, but my
> soul Cape Coral, FL feels a little better."
> rescue list - http://www.sunhelp.org/mailman/listinfo/rescue
More information about the rescue