Genroo rsync Server Compromised
Collins Richey
erichey2
Mon May 17 11:56:29 PDT 2004
On Wed, 03 Dec 2003 20:19:14 -0800 Ken Moffat <kmoffat at drizzle.com> wrote:
> Collins Richey wrote:
>
> >>>
> >>>
> >>>
> >>>
> >>>
> >>>
> >>Exactly the problem I'm having. I just set up tripwire, and the output
> >>includes all of /proc, some of /var/log, 171790 is the file size of the
> >>report! This is the default debian configuration, and will be modified
> >>if I keep using it, but wow! too much!
> >>
> >>
> >>
> >
> >I've never used tripwire, but surely there is a method to exclude certain
> >directories/filesystems from the scan!?
> >
> >
> >
>
> Yes, and quite easily, but I need to do some research to see why they
> are there in the first place. They seem unnecessary, but what do I know?
>
It's got to be a screwup. /var is a volatile directory during normal
operations and should never be reported by tripwire, otherwise you'll have the
mess you described.
--
Collins Richey - Denver Area
if you fill your heart with regrets of yesterday and the
worries of tomorrow, you have no today to be thankful for.
More information about the Linux-users
mailing list