Great Circle Associates Firewalls
(March 1994)
 


Subject: Re: Tripwire tw.db_* database
From: Mark Verber <verber @ parc . xerox . com>
Date: Fri, 4 Mar 1994 07:44:08 PST
To: firewalls @ greatcircle . com, heiser @ world . std . com

My solution to the catch-22 problem is to store the tripwire database
on media which have a switch to enable hardware enforced
write-protection.  My temporary solution is that tripwire, a small
wrapper program, and a compressed copy of the tripwire database live
on a floppy with the write protect tab set which stays mounted as a
file system on my firewall machine.  The wrapper uncompresses the
database and runs tripwire.  Doing an update requires you to unmount
the floppy, switch off the write protect tab, and then remount the
floppy.  My long term solution is to find a small SCSI disk which I
have verified really honors its write-protect switch whenever it is
set or unset.  I will mount a physical switch on the outside of the
disk box which I unprotect when I need to update the database.  This
is a pain in the neck since it requires being physically present in
front of the disk/firewall... but that means that a purely electronic
attack will not be able to corrupt your database.

--mark
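
A sketch of the kind of wrapper described above, added here as an example and not the poster's own program: it refuses to run unless the media is mounted read-only, then unpacks the database into a scratch directory and passes it to the checker. The `tw.db.gz` file name, gzip compression, the `/proc/mounts`-style mount table and the function names are assumptions.

```shell
#!/bin/sh
# Added example; paths, file names and the checker command line are assumptions.

# mount_is_readonly MOUNTS_FILE MOUNTPOINT
# Succeeds only if MOUNTPOINT is listed in a /proc/mounts-style table and its
# option field contains the exact token "ro" (so "errors=remount-ro" on a
# read-write mount does not count). The last entry for a mount point wins.
mount_is_readonly() {
    awk -v mp="$2" '
        $2 == mp { found = 1; ro = 0; n = split($4, opt, ",")
                   for (i = 1; i <= n; i++) if (opt[i] == "ro") ro = 1 }
        END { exit((found && ro) ? 0 : 1) }' "$1"
}

# run_integrity_check MOUNTS_FILE MEDIA_DIR CHECKER [ARGS...]
# Fails closed with status 2 when the media is absent or writable, for
# example when the write-protect tab was left off after a database update.
# Otherwise runs: CHECKER ARGS... <path to the unpacked database>
run_integrity_check() {
    mounts=$1; media=$2; shift 2
    mount_is_readonly "$mounts" "$media" || {
        echo "refusing to run: $media is not mounted read-only" >&2
        return 2
    }
    work=$(mktemp -d) || return 2
    status=0
    # tw.db.gz is a hypothetical name for the compressed database on the media
    if gzip -dc "$media/tw.db.gz" > "$work/tw.db"; then
        "$@" "$work/tw.db" || status=$?
    else
        echo "could not unpack database from $media" >&2
        status=2
    fi
    rm -rf "$work"
    return "$status"
}

# Typical call, with the checker binary also taken from the protected media
# and its arguments ending where the database path belongs:
#   run_integrity_check /proc/mounts /floppy /floppy/tripwire <database option>
```

The read-only mount flag checked here is a software setting, so it complements the hardware write-protect switch rather than replacing it.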

