[Biojava-dev] Security
Chris Abajian
chrisa at espressosoftware.com
Thu Dec 4 22:23:49 EST 2003
On Wed, 2003-12-03 at 23:50, David Huen wrote:
> With the recent breaches at Debian, FSF and now Gentoo, do
> we have a way of checking the integrity of our two cvs servers?
After the fact? You might be able to go back to the distro disks and
checksum various packages (rpm has a mode for this). Obviously you
should look at the logs, check the passwd file, etc.
As for staying out of trouble, if you're not doing so already, run an
IDS (Intrusion Detection System). IMHO it's worth the effort if you're
hosting a valuable community resource like this. Basically it's a
utility that checksums all the critical files on your system (then you
write the sums to a CD-R). If anything changes (because of rootkit or
other trojan) it shows up in the report.
Tripwire is a well-known one but the free version is wretched. AIDE
(http://sourceforge.net/projects/aide) is free (GPL) and I seem to
recall a report that it rang the alarm at Debian. I've been watching
their dev list for a while and it's been gaining momentum steadily over
the last few months.
I'd be willing to help.
--
Chris Abajian
Espresso Software Development, L.L.C.
http://espressosoftware.com
206.910.4903
Espresso Software Development provides software development and
consulting services. We develop, deploy and support scalable,
multi-tiered, high-availability web, e-commerce and data-processing
applications.
More information about the biojava-dev
mailing list