I have a question for those of you using Tripwire v1.1 to protect
your Firewalls. How are you dealing with the catch-22 problem of
how to protect the Tripwire database itself? When you create the
database with "tripwire -initialize", and then later do an integrity
run, Tripwire reports the database as "changed" or "new" (depending on
whether or not one existed before). Even if you use the
"tripwire -update" or "tripwire -interactive" options to update
the entry for the database in the database itself, the next integrity
run still reports the file as having changed.
Have any of you come up with ways to avoid this catch-22 situation?
Bill Heiser heiser @