home *** CD-ROM | disk | FTP | other *** search
- Xref: sparky comp.security.misc:1742 alt.security:4808 comp.unix.admin:6181
- Newsgroups: comp.security.misc,alt.security,comp.unix.admin
- Path: sparky!uunet!ferkel.ucsb.edu!taco!gatech!news.ans.net!newsgate.watson.ibm.com!yktnews!admin!aixproj!uri
- From: uri@watson.ibm.com (Uri Blumenthal,35-016,8621267,)
- Subject: Re: Tripwire release
- Originator: uri@aixproj.watson.ibm.com
- Sender: news@watson.ibm.com (NNTP News Poster)
- Message-ID: <1992Nov13.174545.145856@watson.ibm.com>
- Date: Fri, 13 Nov 1992 17:45:45 GMT
- Disclaimer: This posting represents the poster's views, not necessarily those of IBM
- References: <BxMEuE.CwC@mentor.cc.purdue.edu>
- Nntp-Posting-Host: aixproj.watson.ibm.com
- Organization: IBM T.J. Watson Research Center
- Lines: 23
-
- From article <BxMEuE.CwC@mentor.cc.purdue.edu>, by genek@mentor.cc.purdue.edu (Gene Kim):
- > Tripwire supports hooks for up to ten signature routines. We
- > ship it with MD5, Snefru, CRC32, CRC16, MD4, and MD2.
- > By default, Tripwire checks a file's MD5 and Snefru signature.
-
- Good enough, I'd say (:-).
-
- >> b) The database of signatures is to be protected.............
- >
- > Tripwire includes a 'sigfetch' utility that simply spits out the
- > signature for a given file. A simple shell script could offer this
- > functionality. As part of the Tripwire design, we require that the
- > database be immediately moved to a safe location (e.g., some read-only
- > media).
-
- Why not just prompt the user for the key, and encrypt the database?
- You could have plugs for DES, IDEA, FEAL (for those not very much
- security-concerned :-)...
- --
- Regards,
- Uri. uri@watson.ibm.com
- ------------
- <Disclaimer>
-
