Date: Tue, 13 Feb 1996 08:27:55 +0200 From: Mark Murray <mark@grondar.za> To: Jim Dennis <jimd@mistery.mcafee.com> Cc: freebsd-security@FreeBSD.ORG Subject: Re: tripwire, xinetd (or tcp wrappers) Message-ID: <199602130627.IAA03049@grumble.grondar.za>
next in thread | raw e-mail | index | archive | help
Jim Dennis wrote: > > Where can I find tripwire? How about xinetd? Neither have been ported to FreeBSD. Tripwire is available from cert (ftp.cert.org) and xinetd is a bunch sharfiles + later patches available from ftp.uu.net and mirrors in (something like) usenet/comp.sources.unix/volume??/xinetd/part* and usenet/comp.sources.unix/volume??/xinetd/patch* I seem to remember that there are a couple of patches in different volumes spread over a bit of time. > First item is I'd like to install tripwire, build its > initial database, and refine it's reporting/alerts before > I connect the machine to the 'net. Where can I find a copy > of the FreeBSD port of this? If I grab a copy from usc.edu > (or wherever) is there anything special I'll have to do to > compile it under FreeBSD? Naah. I works just fine. Small bit of twiddling. > So: Does anyone have any compelling preferences for tcpd or > xinetd? Are there any "gotch'yas" to compiling xinetd > for FreeBSD (I notices tcpd in the ports list on the 2.1.0 CD, > but couldn't find tripwire or xinetd). Tcp wrappers (tcpd) is/are pretty ubiquitous, but they only handle tcp - you are on your own with udp, so if you have plans to use FSP, you'll be SOL monitoring that. > Is xinetd faster (suffering from less process start latency) > than tcpd? Fractionally. Probably not even so you'd notice. > I'm also interested in other monitoring and security suggestions. > This particular machine (actually pair of machines) will be used > for distributing files via ftp and http. You amy want to have a look at COPS, also from CERT. FreeBSD already does a lot of what COPS does (scan for SUID file changes etc), but it will give you some ideas. > I might also configure it for fsp (if I can find a suitable > deamon *and* a suitable DOS|Windows|OS/2|NT|Win '95 client that > can be freely distributed). Is there such a beast (free > multiplatform client)? Are there any known security problems > with fsp? Is there an fspd with features similar to the wu-ftpd > (remote limits, group access controls, etc)? Sorry! I am clueless here! M -- Mark Murray 46 Harvey Rd, Claremont, Cape Town 7700, South Africa +27 21 61-3768 GMT+0200 Finger mark@grondar.za for PGP key
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199602130627.IAA03049>