Information Security News mailing list archives
Re: Linux snares security tool
From: InfoSec News <isn () c4i org>
Date: Mon, 12 Nov 2001 03:41:03 -0600 (CST)
Forwarded from: Me <joe () plaguesplace dyndns org> On Fri, Nov 09, 2001 at 02:54:32AM -0600, InfoSec News wrote:
Forwarded from: Ejovi B. Nuwere <ejovi () ejovi net> Cc: nicole.bellamy () zdnet com au
[snip]
Or are you saying that it works on Linux? I'm confused. I suspect you are too. Why did you not research the subject, if you had you would have found tripwire (http://www.tripwire.org/) which has been around and widely used for almost 10 years. What about quoting experts other then the company CEO? Either you've been had, or need a refresher course in journlistic intergrity. Your friend, ejovi
On Fri, Nov 09, 2001 at 02:57:46AM -0600, InfoSec News wrote:
Forwarded from: security curmudgeon <jericho () attrition org> cc: nicole.bellamy () zdnet com au, errata submission <errata () attrition org> Unless there is more to it, this claim is completely wrong. Hell, one could argue that "syslog" matches this description since it will log audit related events.
[snip] I think there is more to it. This is not the same thing as tripwire or any other host based intrusion dection system. This is more like the security auditing system that you would find described in the rainbow books. You would find such an auditing system on a C2 trusted system or higher. This is something that has been woefully lacking on linux systems. We have had the mandatory access control lists. This auditing system goes hand in hand with MACs. http://www.fas.org/irp/nsa/rainbow/tg001.htm http://www.intersectalliance.com/projects/Snare/index.html joe -- Don't forget to feed your brainworms chocolate covered mothballs or the pigs will eat grandma on the farm. --paraphrased Joe Walsh from the Drew Carey allstar improv. - ISN is currently hosted by Attrition.org To unsubscribe email majordomo () attrition org with 'unsubscribe isn' in the BODY of the mail.
Current thread:
- Linux snares security tool InfoSec News (Nov 07)
- <Possible follow-ups>
- Re: Linux snares security tool InfoSec News (Nov 09)
- Re: Linux snares security tool InfoSec News (Nov 09)
- Re: Linux snares security tool InfoSec News (Nov 09)
- Re: Linux snares security tool InfoSec News (Nov 12)
- Re: Linux snares security tool InfoSec News (Nov 12)
- Re: Linux snares security tool InfoSec News (Nov 12)
- Re: Linux snares security tool InfoSec News (Nov 13)
- Re: Linux snares security tool InfoSec News (Nov 13)
- Re: Linux snares security tool InfoSec News (Nov 14)
- Re: Linux snares security tool InfoSec News (Nov 15)