Am 22. Feb, 2001 schwäzte Kevin Buettner so: > Can someone give me a brief primer on how tripwire is implemented? I > read somewhere recently that it uses a kernel module on linux and > basically watches for open() calls (where write access is requested) > on specific system files. Is this right or not? That would be oh so much cooler :). I've never run it, but the description is that it builds a profile of the things you want watched, then goes out on a regular basis to make sure they haven't changed. Better is still to run off a ro medium. Anyone know the project that was doing that? I will be needing that soon. ciao, der.hans -- # der.hans@LuftHans.com home.pages.de/~lufthans/ www.YourCompanyHere.net ;-) # A Polish friend of mine got an offer for a free account from AOL. The # login ID was "HELLO" and the passwd "CYMBAL". She says "cymbal" is # Polish for "sucker". "Hello sucker" a greeting from AOHell :).