Date: Sat, 12 Dec 1998 02:34:16 -0500 (EST)
From: Thomas Valentino Crimi <tcrimi+@andrew.cmu.edu>
To: security@FreeBSD.ORG
Subject: Re: tripwire was Re: append-only devices for logging
Message-ID: <8qQVls_00YUq0lKqg0@andrew.cmu.edu>
In-Reply-To: <Pine.SUN.3.96.981211224050.15866A-100000@roble.com>
References: <Pine.SUN.3.96.981211224050.15866A-100000@roble.com>

Excerpts from FreeBSD-Security: 11-Dec-98 Re: tripwire was Re: append.. by Roger Marquis@roble.com
>> how do you protect tripwire from modification?
>
>We keep the entire tripwire directory encrypted when not in use.

This latest discussion has had me toying with the idea of an NFS R/O mount for tripwire use; it has the obvious advantages of complete protection for tripwire and its datafiles. The main points of weakness that need to be addressed are:

  You need to trust your mount_nfs command, as well as the kernel.
  Making sure the remote connection isn't tampered with.

You can load mount_nfs off a floppy, and, in general, I think that having to trust the kernel is a necessity. Where I begin to doubt is what to do for the network connection. I'm uncertain how feasible an attack on the network is, but UDP mode seems especially vulnerable to a hacked machine injecting data; I'm not sure how NFS would react to this at all.

It would appear to be a good medium security measure; a network attack seems infeasible or at least easily detectable were it to exist. Forwarding a TCP NFS over ssh is tempting, but then you have to trust ssh (etc).

Any comments on this?
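Added example (not part of the original message, and not tripwire's own code): a pre-flight check that a wrapper could run before starting the integrity checker from the read-only NFS mount discussed above. It assumes FreeBSD-style `mount` output; the server name, export, mount point and sample lines are hypothetical, and the result is only as trustworthy as the kernel and `mount` binary that report the table.

```sh
#!/bin/sh
# Added example, not from the original message. The export name, mount point
# and sample `mount` lines are constructed; FreeBSD-style output is assumed:
#   <source> on <dir> (<option>, <option>, ...)

EXPECTED_SRC="vault.example.org:/export/tripwire"   # hypothetical server:export
EXPECTED_DIR="/mnt/tripwire"                        # hypothetical mount point

# check_mount SRC DIR   (reads `mount` output on stdin)
# Succeeds only if DIR appears exactly once, comes from SRC, and is nfs + read-only.
# A second entry for DIR means something was mounted over it, so that is refused.
check_mount() {
    awk -v src="$1" -v dir="$2" '
        $2 == "on" && $3 == dir {
            seen++
            opts = $0
            sub(/^[^(]*\(/, "", opts)      # drop everything up to "("
            sub(/\).*$/, "", opts)         # drop ")" and anything after it
            n = split(opts, o, /, */)
            nfs = 0; ro = 0
            for (i = 1; i <= n; i++) {
                if (o[i] == "nfs") nfs = 1
                if (o[i] == "read-only") ro = 1
            }
            if ($1 == src && nfs && ro) ok++
        }
        END { exit !(seen == 1 && ok == 1) }
    '
}

# Constructed sample mount tables
GOOD="/dev/da0s1a on / (ufs, local)
vault.example.org:/export/tripwire on /mnt/tripwire (nfs, read-only)"
WRITABLE="vault.example.org:/export/tripwire on /mnt/tripwire (nfs)"
STACKED="$GOOD
/dev/da0s1e on /mnt/tripwire (ufs, local)"

# verdict TABLE: prints "trusted" or "refused" for a mount table given as text
verdict() {
    if printf '%s\n' "$1" | check_mount "$EXPECTED_SRC" "$EXPECTED_DIR"
    then echo trusted; else echo refused; fi
}

verdict "$GOOD"; verdict "$WRITABLE"; verdict "$STACKED"
```

On a live host the same function would be fed from the real table, for example `mount | check_mount "$EXPECTED_SRC" "$EXPECTED_DIR" || exit 1`, with the script itself kept on the same trusted media as `mount_nfs`.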