On Tue, Nov 30, 2010 at 7:01 AM, Michael Scheidell <scheidell@secnap.net>
wrote:> Any interest in Tripwire Commercial version?
Maybe
> I have a client who wants to allow their enterprise tripwire console to be
> able to monitor the servers that do the real work (the freebsd servers) as
> well as the token windows servers which are being monitored now.
>
> What version would you like to see it on? one of the .[135] versions for
> long life?
>
> 7.3? amd64? 8.1?
I tend to use the most current version that I have tested. (IE most
current) I generally use AMD64, but also i386.
> is i386 ok, as long as all the libraries exist?
Probably.
> does everyone put 32 bit compatibility libraries in their amd64 builds?
> ______
Never, unless running cosed source software. It seems to triple your
attack surface area.
You are vulnerable to 64bit exploits, 32bit exploits and exploits of
the translation layer.
Sort of lame of security software to increase your vulnerability.
________________________________________________________________> This email has been scanned and certified safe by SpammerTrap(r). For
> Information please see http://www.secnap.com/products/spammertrap/
> ______________________________________________________________________
> ?_______________________________________________
> freebsd-security@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-security
> To unsubscribe, send any mail to
"freebsd-security-unsubscribe@freebsd.org"
>