Re: any interest in tripwire commercial?
On Dec 11, 2010, at 17:03, Michael Scheidell wrote:
>> Probably.
>>=20
>>> > does everyone put 32 bit compatibility libraries in their amd64 =
builds?
>>> > ______
>> Never, unless running cosed source software. It seems to triple your
>> attack surface area.
>>=20
> than the answer is "no' you would not want an i386 version since you =
need to put 32bit compatibility in if this is all tripwire supports.
> Sometimes, its easier to get a vendor to release compiled binaries if =
you tell them you can support:
> 7.1 - 8.x, i386/amd, with a single i386/32 bit binary.
>=20
> to tell them the need to maintain 8 versions is harder.
>=20
> doesn't really too much matter, It looks like only you and me are =
interested. with that huge response, I guess its never going to happen.
It really depends what the final product would cost, if it would be =
supported and maintained on 64-bit 8.x, with future commitment to =
support 9.x. It also depends what added value this package would had =
compared to 'portmaster security/tripwire' or similar.
In any case we would be interested if this would provide significant and =
real (security/manageability) advantages compared to our current =
"freebsd-update IDS" model (no, not only freebsd-update IDS, but some =
added magic to make it a bit more resilient and reliable).
PCI DSS and other security standards specifically mention tripwire so it =
would make life easier if we could tick the box saying 'yes we use =
tripwire'.
/Eirik=
_______________________________________________
freebsd-security@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"
討論串 (同標題文章)
完整討論串 (本文為第 4 之 4 篇):