Re: OS binaries integrity check

From: Green, Simon (Simon.Green@EU.ALTRIA.COM)
Date: Fri Feb 13 2004 - 14:20:26 EST


I think like most of these tools, if someone's got root access they can fool
it. Otherwise, it's fairly reliable.

If you look at TCB, the recommendation is that the TCB database is kept on a
removable medium which is physically secured whenever it's not in use. I'm
sure that much the same would apply for any other such tools.

--
Simon Green
Altria ITSC Europe Ltd
AIX-L Archive at https://new-lists.princeton.edu/listserv/aix-l.html
New to AIX? http://publib-b.boulder.ibm.com/redbooks.nsf/portals/UNIX
N.B. Unsolicited email from vendors will not be appreciated.
Please post all follow-ups to the list.

> -----Original Message-----
> From: Adams Kevin J [mailto:kevin.adams@PHS.COM]
> Sent: 13 February 2004 19:02
> To: aix-l@Princeton.EDU
> Subject: Re: OS binaries integrity check
>
>
> I know it's not as good as Tripwire or TCB (which has to be installed
> initially at build), but lppchk -c will:
>
> "Performs a checksum operation on the FileList items and verifies that the
> checksum and the file size are consistent with the SWVPD database."
>
> I've never tried to fool it, so I don't know how good it is, but it may be
> useful.
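
A sketch of the kind of check this thread discusses, added here as an example (not code from either poster, and not how lppchk or TCB work internally): each file's checksum and size are compared with a baseline, and the script warns when that baseline is writable from the host being checked. The function names and the use of POSIX cksum are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: checksum + size verification against a baseline kept off-host.
# cksum(1) stands in for the real tools. Its CRC is not cryptographic, so it
# catches accidental or careless changes, not a deliberately crafted collision.

# Write "<crc> <size> <path>" for every regular file under $1 to baseline $2.
make_baseline() {
    find "$1" -type f -exec cksum {} + | sort -k3 > "$2"
}

# Check files against baseline $1; print one line per problem, return 1 if any.
verify_baseline() {
    status=0
    # A baseline this host can write to can be rewritten by whoever has root.
    [ -w "$1" ] && echo "WARNING: baseline $1 is writable from this host" >&2
    while read -r crc size path; do
        if [ ! -f "$path" ]; then
            echo "MISSING $path"; status=1; continue
        fi
        # cksum on stdin prints "<crc> <size>" with no file name
        read -r now_crc now_size <<EOF
$(cksum < "$path")
EOF
        if [ "$now_size" != "$size" ]; then
            echo "SIZE $path"; status=1
        elif [ "$now_crc" != "$crc" ]; then
            echo "CKSUM $path"; status=1
        fi
    done < "$1"
    return $status
}

# Constructed demo: baseline a scratch tree, alter one file, verify.
demo() {
    d=$(mktemp -d) || return 2
    printf 'original\n' > "$d/ls"; printf 'original\n' > "$d/ps"
    make_baseline "$d" "$d.db"      # real use: a path on the secured medium
    printf 'modified\n' > "$d/ls"   # same size, different content
    rc=0; verify_baseline "$d.db" || rc=$?
    rm -rf "$d" "$d.db"
    return $rc
}
demo || echo "demo: change detected (expected)"
```

For tamper detection rather than corruption detection, swap cksum for a cryptographic hash and keep the baseline on media mounted read-only.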

