[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-users] Tripwire

Subject: Re: [cobalt-users] Tripwire
From: Kris Dahl <krislists@xxxxxxxxxxxxx>
Date: Thu Sep 7 14:36:42 2000

on 9/6/00 10:43 AM, Jeff Martin at jeff@xxxxxxxxxxxxxxxx wrote:

> I was rereading the Tripwire license on tripwire.com
> (http://www.tripwire.com/downloads/license.txt),
> and it says you can't deploy the software on a machine that is accessible
> from the Internet.  Is this true of all Tripwire downloads?  Are we all
> breaking the law?

tripwire bites.  so you probably are.

I was called the other day by one of their sales guys.  I said we are and
will be deploying open source IDS's and that I'm not interested.  He says
that they have an open sourced linux version.  I say "Where? I checked
yesterday and it says that you are *going* to release it."

Long story short, the guy was misinformed, the open sourced version is not
out yet, and I think it has a lame license.

I use AIDE instead.  Good tool.

One note: you will need to keep the database OFFLINE.  Otherwise it can be
modified.  We keep them on a write protected floppy disk in the server's
floppy drive.  That way I can compare, but can't change.

Second note: it does no good to run tripwire, aide, etc. AFTER you have put
the machines on the network.  You have got to do it after the machine is
ready to go, but before it goes live.

-k

References:
- [cobalt-users] Tripwire
  - From: Jeff Martin

Prev by Date: Re: [cobalt-users] Re: Let's get this over with...shooting fromthe hip
Next by Date: Re: [cobalt-users] (no subject)
Previous by thread: Re: [cobalt-users] Tripwire
Next by thread: [cobalt-users] Tripwire

Sun Cobalt Users Message Index

Sun Cobalt Users Thread Index