Am 22. Feb, 2001 schwäzte Kevin Buettner so:
> Can someone give me a brief primer on how tripwire is implemented? I
> read somewhere recently that it uses a kernel module on linux and
> basically watches for open() calls (where write access is requested)
> on specific system files. Is this right or not?
That would be oh so much cooler :).
I've never run it, but the description is that it builds a profile of the
things you want watched, then goes out on a regular basis to make sure
they haven't changed.
Better is still to run off a ro medium. Anyone know the project that was
doing that? I will be needing that soon.
ciao,
der.hans
--
#
der.hans@LuftHans.com home.pages.de/~lufthans/
www.YourCompanyHere.net ;-)
# A Polish friend of mine got an offer for a free account from AOL. The
# login ID was "HELLO" and the passwd "CYMBAL". She says "cymbal" is
# Polish for "sucker". "Hello sucker" a greeting from AOHell :).
(text/plain)