Has anyone built a system sharing a dual-ported disk between the server (checkee) and another machine that runs something like tripwire (checker)? Obviously, the checker shouldn't be attached to the 'net... Tim Gene Rackow writes: > If I turn the paranoid mode up a notch or two here.. > What is to stop someone from mounting another filesystem over the top of > your tripwire database and crontab entries. Replace the mount and df > commands to not show the new mount point. Now you continue to believe > that you are a happy camper, all safe and secure. > > You really need to do a seperation of the checkee from the checkor. > If someone has root access on the machine, the could basicly do anything that > is needed to cover their tracks.