June 2003
Intermediate to advanced
336 pages
8h 54m
English
Content preview from Linux Security CookbookBecome an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
Start your free trial
1.7. Ultra-Paranoid Integrity Checking
Problem
You want highly secure integrity checks, at the expense of speed and convenience.
Solution
Securely create a bootable CD-ROM containing a minimal Linux system, the tripwire binary, and your local and site keys. Disconnect your computer from all networks, boot on the CD-ROM, and perform an integrity check of your computer’s disks, using executable programs on the CD-ROM only.
Back up your Tripwire database, configuration, and policy frequently, in case an attacker deletes them from your system.
Discussion
This cumbersome but more secure method requires at least two computers, one of them carefully trusted. As before, we’ll call the trusted system trusty and the Tripwire machine trippy. Our goal is to run secure Tripwire checks on trippy.
The first important step is to create a bootable CD-ROM securely. This means:
Create the CD-ROM on trusty, a virgin Linux machine built directly from trusted source or binary packages, that has never been on a network or otherwise accessible to third parties. Apply all necessary security patches to bring trusty up to date.
Configure the CD-ROM’s startup scripts to disable all networking.
Populate the CD-ROM directly from trusted source or binary packages.
Create your Tripwire site key and local key on trusty.
Second, boot trippy on the CD-ROM, mount the local disks, and create trippy’s Tripwire database, using the tripwire binary and keys on the CD-ROM. Since the Tripwire database, policy, and configuration ...