Intrusion Detection Systems mailing list archives

If Tripwire could detect ...........

From: duke () mx4 ttcn ne jp (Duke Imaizumi)
Date: Thu, 23 Dec 1999 23:10:38 +0900


Jeff Johnson's CAMM workHi All!

 I am a long term user of Tripwire for my system.
Tripwire is aãgood security tool.
I would like to know if Tripwire could detect if file is copied.

What we care most is if our data is copied by intruder or not.
Although Tripwire can detect sccess timestamp, file must be open and read.
So it gives no perfect solution.
Soppose password file is copied, is there anyway to find out the file is
really COPIED?
Or any other suggestion?

Thank you for advance.

Happy Holidays!

---------------------------
Duke Imaizumi, Ph.D.

--Think Fast, Live Slow..-------

Current thread:

Re: NFR Help, (continued)
- - Re: NFR Help Delores A. Quade (Dec 14)
  - Re: NFR Help Marcus J. Ranum (Dec 14)
  - Re: NFR Help Greg Shipley (Dec 14)
  - Re: NFR Help Carric Dooley (Dec 15)
  - NEW TO IDS kbashir () engro com (Dec 15)
    - Web Trends Sec Analyzer Duke Imaizumi (Dec 16)
    - RE: NEW TO IDS Bill Royds (Dec 16)
    - ISS's RealSecure on UNIX Richters, Eriks (Dec 16)
    - Bookmark URL's that contain authentication arguements ICoS (Dec 19)
    - Jeff Johnson's CAMM work Gene Kim (Dec 20)
    - If Tripwire could detect ........... Duke Imaizumi (Dec 23)
    - SATAN Bram Shirani (Dec 23)
    - Re: SATAN B Potter (Dec 24)
    - Re: SATAN Jonas Eriksson (Dec 27)
    - Re: SATAN Carric Dooley (Dec 24)
    - [Fwd: "An idea, a project, a collaboration"] Philip S Holt / Security Engineering (Dec 22)
    - [CFP] RAID 2000 (Recent Advances in Intrusion Detection) Herve DEBAR (Dec 22)