[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: New monit web-interface

From: Thomas Oppel
Subject: Re: New monit web-interface
Date: Fri, 12 Jul 2002 11:45:14 +0200
User-agent: KMail/1.4.1

Am Freitag, 12. Juli 2002 10:59 schrieb Christian Hopp:
> On 11 Jul 2002, Jan-Henrik Haukeland wrote:
> > Christian Hopp <address@hidden> writes:
> > > Wouldn't it be enough to check ctime first and if newer then last
> > > cycle do a md5sum check.
> >
> > Yes another good idea, but..
> >
> > > Some server programs might come up to some megs.
> >
> > The check is pretty fast (for this type of application), aprox 0.07
> > sec (cpu time) for 2 megs.
> So I did it myself... I home you find it still usefull.  Patch is against
> last 2.5 beta.
> Bye,
> C.Hopp


maybe I'm a bit paranoid, but is true an intruder now only needs to mangle 
ctime that md5sums are never checked and monit helps to keep trojaned daemons 
As a user I expect the program makeing use of it in any case, if I read md5sum 
check in config.
As a sysop I don't care for a bit less performance, if I get a bit more 
security in return.
Anyhow, if checking file integrity is a typical tripwire job, I'm glad for 
every extra level of security I can get.
So, what about a 'general' check every x cicles, that sums are checked at 
least 2 or 3 times a day? Or a switch 'alwaysFullCheck=[true|false]' or such?

Kourentis und Br├╝ggemann
Informationssysteme GbR.
Rheinallee 72 - 53173 Bonn
Tel.  0228 / 3635 07
Fax.  0228 / 3635 09
Mobil 0163 / 5635830

reply via email to

[Prev in Thread] Current Thread [Next in Thread]