[rescue] SGI fw_sshd and security

Dave McGuire mcguire at neurotica.com
Mon Mar 8 22:52:32 CST 2004


   I am...Impressed. :-)

      -Dave

On Mar 8, 2004, at 6:02 PM, Kevin wrote:
> I do it for all servers whose config doesn't change within six
> months.  For us, that's most of them.
>
> /KRM
>
> On Mon, 8 Mar 2004 12:41:39 -0500
> Dave McGuire <mcguire at neurotica.com> wrote:
>
>> On Mar 8, 2004, at 9:28 AM, Kevin wrote:
>>> Your Tripwire database, executable binary and tw.config file
>>> are supposed to be located on read only media.  An attacker
>>> could edit the cron process, that runs Tripwire
>>> automatically, to run a hacked version, but that would still
>>> fail with manual audits which should be done at least once a
>>> week.
>>
>>    Yes, supposed to be...but who actually does that?
>>
>>          -Dave
>>
>> --
>> Dave McGuire                      "My tummy hurts now, but my
>> soul Cape Coral, FL                   feels a little better."
>>   -Ed
>> _______________________________________________
>> rescue list - http://www.sunhelp.org/mailman/listinfo/rescue
>
>
> -- 
> keyserver: http://pgp.mit.edu/
> _______________________________________________
> rescue list - http://www.sunhelp.org/mailman/listinfo/rescue
>
>

--
Dave McGuire                      "My tummy hurts now, but my soul
Cape Coral, FL                   feels a little better."     -Ed



More information about the rescue mailing list