Bugtraq mailing list archives

Re: snooper watchers

From: eiji () netmarket com (Eiji Hirai)
Date: Fri, 24 Feb 1995 18:53:20 -0500


At Feb 24, 11:33am, Ben Taylor <bent () snm com> tapped on the keyboard:
: > Are you going to write a program that checks to see if root's cronjob has
: > been modified? Probably not, and if someone has access to /dev/nit, they're
: > going to have access to root's cronjob as well.
: 
: I suppose if you really wanted to make sure that crontab entries couldn't
: be changed is to put them on a write protected floppy, mounted at boot.

The best thing to do is to run tripwire from a read-only device (like a
floppy) from which you can check the integrity of any number of files,
like crontab.

        ftp://coast.cs.purdue.edu/pub/COAST/Tripwire

-- 
Eiji Hirai
The NetMarket Company
eiji () netmarket com

Current thread:

Re: snooper watchers, (continued)
- Re: snooper watchers Ben Taylor (Feb 22)
  - Re: snooper watchers Casper Dik (Feb 23)
  - Re: lsof on Solaris 2.4 (was snooper watchers ) Dave Goldberg (Feb 23)
- Re: snooper watchers John Adams (Feb 23)
  - Re: snooper watchers Julian Assange (Feb 23)
    - Re: snooper watchers Karl Strickland (Feb 28)
    - Re: snooper watchers Julian Assange (Feb 28)
  - Re: snooper watchers Ben Taylor (Feb 24)
- Re: snooper watchers Charles Stephens (Feb 23)
- Re: snooper watchers mascarkp () cc3 adams edu (Feb 24)
- Re: snooper watchers Eiji Hirai (Feb 24)
  - Re: snooper watchers Gene Rackow (Feb 25)
    - Re: snooper watchers Timothy Newsham (Feb 25)
    - Re: snooper watchers Darren Reed (Feb 25)
    - Re: snooper watchers Dr. Frederick B. Cohen (Feb 25)
- Re: snooper watchers smb () research att com (Feb 26)
- Re: snooper watchers der Mouse (Feb 26)
- Re: snooper watchers Timothy Jones (Feb 26)
  - Re: snooper watchers Leo Bicknell (Feb 26)
    - Re: snooper watchers Christopher Samuel (Feb 27)
  - No Subject Nicholas West (Feb 26)

(Thread continues...)