similar to: Re: trusted computing

I was recently looking at verifying the attestation data (ssh-sk-attest-v00) for a SK key, but I believe the data saved in this structure is insufficient for completing verification of the attestation. While the structure has enough information for U2F devices, FIDO2 devices sign their attestation over a richer "authData" blob [1] (concatenated with the challenge hash). The authData blob

Hi, We are pleased to announce the call for presentations for this years Confidential Computing MC at the Linux Plumbers Conference. In this microconference we want to discuss ongoing developments around Linux support for memory encryption and support for confidential computing in general. Topics of interest include: * Support for unaccepted memory * Attestation workflows * Confidential

Dear, We released VMKNOPPIX(20070328) with Trusted Boot. http://unit.aist.go.jp/itri/knoppix/vmknoppix/index-en.html VMKnoppix is a collection of Virtual Machine Software, Xen, KVM, VirtualBox, QEMU, KQEMU(QEMU with Accelerator) and UserModeLinux. This version includes "Trusted Boot" (Trusted GRUB and IMA: Integrity Measured Architecture). === Features

This may be, or may not be a security issue, however, since alot of people still use tripwire-1.2 or lesser versions(this is what shipped with R.H. Linux 5.2 at least), they might be interested in following detail: Chuck Campbell (campbell@neosoft.com) pointed me out that tripwire dies with coredump on R.H. linux, if it hits a filename containing 128-255 characters. Playing a bit with debugger I

Dear All, I'm using Centos5 to run a firewall, and as part of the intrusion detection apparatus, I use tripwire (tripwire-2.4.1.1-1.fc6.x86_64.rpm - as made for fedora core 6, and then tweaked with my own twpol.txt). My problem, is that when I su to root, a .xauth file is created with a random tail name - i.e. /root/.xauthyN4aHS or /root/.xauth1sGdFh and this causes tripwire to

Hi folks, on CentOS 6.5 I run tripwire software which verifies data integrity. My system is automatically updated by yum (as far as I understand the /etc/cron.daily/0yum.cron is responsible for the regular system updates). After a system update I'm then notified by tripwire about the changes on the file system. By browsing those tripwire reports I found that there are files which did

I'm trying to run tripwire on a RHEL 5.4 box. I'm new to it. I'm getting errors: The object: "/ora" is on a different file system...ignoring. For one thing, it's not a different file system. It's not any different than the root partition, that tripwire will monitor. And I want tripwire to monitor it. I've been googling around, and have seen this error in

Hi, I literally have about 36 machines running CentOS on a private network, and will probably change the remaining 30 or so away from Whitebox or RH in the near term. One thing I just noticed was when I tried to search out Tripwire RPM's, that none seemed evident. Can anyone point me in the direction of an Tripwire RPM that works with CentOS 4.3, or advise me on how to create one from the

Hello all, Years ago, I used to work with tripwire for system monitoring. Last time I checked with "yum search tripwire", there is no hit. IIRC, it used to be packed by default on older Redhat distros. Any suggestion for an alternative of tripwire for my CentOS 5.6? Cheers, -- ********************************************************************** Viet Nhat General Joint Stock

I have an updated tripwire port which I'd like to release for testing prior to replacing the existing and currently broken tripwire port. I've tested it under the upcoming 6.1, which it seems to work well in my test environment and will commence testing under 4.11-STABLE, the upcoming 5.5, and 7.0-CURRENT. The things that are on my todo list are: - Fully test under 4.11-STABLE. -

Hello, when one has physical access to a computer, he can run something like tripwire, with keys and checksum on a separate, write-only media, to verify the integrity of the system. What if the system is a remote one (in my case Centos 4.3 on a User Mode Linux VPS some hundred of KMs from here)? Does it still make sense to run tripwire remotely? If yes, how, since you cannot plug a floppy or

Does anybody use tripwire on centos 5? Has anybody checked that: http://www.linickx.com/archives/281/tripwire-2411-rpm-for-centos-redhat-rhel-4 on centos5? M. -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. -------------- next part -------------- An HTML attachment was scrubbed... URL:

Hi all, Please find below a complete transcript of the emails between debian/kernel-mm mailing lists. I've had a response back from someone on the deb mailing list stating: ==================================== The bug seems to be that sshd does not reset the OOM adjustment before running the login shell (or other program). Therefore, please report a bug against openssh-server.

I'm noticing something strange on two of my machines.. They're both 4.7-RELEASE-p3 i386 and they've both been up 150 days without any problems... /var/log/messages on each system contains only: Jun 9 12:00:01 in newsyslog[60291]: logfile turned over dmesg's output is truncated.. it periodically changes, but currently it reads: ite.net host=6532251hfc207.tampabay.rr.com

Hi. We have a configuration and audit application called Tripwire Enterprise (7.5) that is running on a Red Enterprise Linux 5.2 server. On this server, we are using winbind (samba version 3.0.33) for authentication (against Windows AD). When we try to run a configuration check on users and permissions we get an error that there is a problematic frame : C [libnss_winbind.so.2+0x129f] . I

I'm completely new to asterisk and while we have access to Nortel experts none of them know asterisk and since I'm the network guy I've been lumped with this. This is what I'm trying to accomplish We have a CS1000 that's sip capable. I want to be able to connect an Asterisk box to the cs1000 via sip as an IVR, so I can pass a call off to asterisk, go through some IVR menus

Is there a redhat or contrib RPM for tripwire? I looked and didn't find one, but may not have been looking in the right place. Zebee

Actually I just looked at my RH 5.2 dist and it looks as if Tripwire 1.3 is shipped with it.

I am trying to get tripwire 1.2 patch level 2 on Redhat 6.2 to run out of cron and so far have failed miserably. It runs fine from the command line so I know my configuration is ok, but when it runs from cron it gets to Phase 3 and simply exits. It doesn''t generate any error messages or leave any core files laying around.

I am looking for a location where I can get tripwire to install and update via YUM. I know this is not the most secure thing but with the amount of machines that I have, I have not other choice. So far I have found http://download.fedoralegacy.org/redhat/9/updates/SRPMS/ Does anyone know one for CentOS? Thanks ---------------------------------------------------------------------- This mail