At the moment I am trying to wing myself off of tripwire in favor of something else to do file integrity. Tripwire, when downloaded from its website, seg faults on redhat 9. tripwire is a good solution for post compromised forensic analysis. Jeremy -----Original Message----- From: netfilter-admin@xxxxxxxxxxxxxxxxxxx [mailto:netfilter-admin@xxxxxxxxxxxxxxxxxxx]On Behalf Of Aldo S. Lagana Sent: Friday, September 19, 2003 1:40 PM To: 'Jeffrey Laramie'; netfilter@xxxxxxxxxxxxxxxxxxx Subject: RE: Additional Security Tripwire seems to be a filesystem monitor - I wouldn't necessarily run it or feel more secure running it, but others may disagree... I run portsentry, snort, squid and iptables (along with poptop and freeswan VPN servers) -----Original Message----- From: netfilter-admin@xxxxxxxxxxxxxxxxxxx [mailto:netfilter-admin@xxxxxxxxxxxxxxxxxxx] On Behalf Of Jeffrey Laramie Sent: Friday, September 19, 2003 1:15 PM To: netfilter@xxxxxxxxxxxxxxxxxxx Hi All, I previously used Redhat releases for my firewall boxes, and they install iptables and tripwire by default. I have switched to SuSE 8.2 which doesn't install tripwire by default. My question is: Do you think it's worthwhile to install and configure tripwire on an iptables firewall box? I can't think of a better forum to get a straight opinion on this and I think this topic is of interest to most of the list members. However I understand this thread is off topic and will gladly take it off list or move it to another forum if you can suggest one. Jeff
