mtree vs tripwire

Jesper Louis Andersen jlouis at mongers.org
Wed Jan 14 10:09:13 PST 2004


Quoting D J Hawkey Jr (hawkeyd at visi.com):

> This might seem really naive, but can mtree be used effectively as
> a native-to-core-OS tripwire equivalent? Would it be as efficient in
> terms of time-to-run and resource requirements?
> 
> What sort of pitfalls should I be aware of?

Yes, it can:

Pro: distributed with base
Con: Only available for *BSD architectures as far as my knowledge goes.

What it means is that if you want to cryptographically hash a Linux-box
tripwire might be better to use because you would get a common interface
across your platforms. On the other hand, last time I looked tripwire
was a magnificient piece of bloat.

-- 
j. 


More information about the freebsd-security mailing list