[svlug] worms -n stuff

Rick Moen rick at linuxmafia.com
Tue Jun 5 00:46:01 PDT 2001


begin  Drew Bertola quotation:

> Rick, I've never found out how aide to write the aide.db.new file to a
> non-local file system.  This seems to be important when using aide.
> What do you do?

Drew, the usual way to do that is to mount a floppy there, and then
write-protect it.  It doesn't have to be non-local, just not
software-writeable.

With the release of Tripwire 2.3 under the GPL, I'm giving it a try
again, and have the hundred-page PDF printout on my lapt to prove it.
Creating and iteratively tuning Tripwire policy files has always been a
major pain in the ass, and they haven't fixed that.  But the use of an 
asymetrically-crypto-signed database means that you can (probably) get
away from having to hassle with hardware-write-protected media, at
least.

The Tripwire, Inc. people were, after a number of initial stumbles,
extremely helpful and forthcoming with information about the relevant
intellectual-property questions.[1]  The one question they consistently 
failed to address, and which I still wonder about:  "Do you know of any 
patent encumbrances on Tripwire's technology?"

[1] Some initial claims stated that Tripwire had been open source from 
its beginning, which was not true.  Also, until recently, all available
information suggested that Tripwire, Inc. didn't own the codebase's 
copyright.  And there were other concerns.

-- 
Cheers,                    "Send a policeman, and have it arrested."
Rick Moen                     -- Otto von Bismarck, when asked what he 
rick at linuxmafia.com               would do if the British Army landed.




More information about the svlug mailing list