chkrootkir LKM Trojan ?
ubuntu at rio.vg
ubuntu at rio.vg
Tue Jul 18 17:24:32 UTC 2006
Dave S wrote:
> On Tuesday 18 July 2006 02:11, ubuntu at rio.vg wrote:
>> boricua wrote:
>> Personally, I install tripwire on all my machines to make sure things
>> like that don't get compromised...
>
> I always thought tripwire was overkill for desktop machines - have
> reconsidered, I think I will give it a go. Of course I would have to
> re-install my machine to be sure :(
>
If I had to roll out a whole mess of desktop machines, I would agree
with you, tripwire does require a certain amount of diligence. And,
unfortunately, it looks like tripwire has been abandoned.
So far, I've yet to find a replacement. aide is useless, since the
database it keeps isn't encrypted or signed. I don't know of any other
programs that fulfill the same function. I've heard samhain does, but I
haven't had a chance to try it out myself.
More information about the ubuntu-users
mailing list