Recipe 1.8 Expensive, Ultra-Paranoid Security Checking

1.8.1 Problem

You want highly secure integrity checks and are willing to shell out additional money for them.

1.8.2 Solution

Store your files on a dual-ported disk array. Mount the disk array read-only on a second, trusted machine that has no network connection. Run your Tripwire scans on the second machine.

1.8.3 Discussion

A dual-ported disk array permits two machines to access the same physical disk. If you've got money to spare for increased security, this might be a reasonable approach to securing Tripwire.

Once again, let trippy be your machine in need of Tripwire scans. trusty is a highly secure second machine, built directly from trusted source or binary packages with all necessary security patches applied, that has no network connection and has never been accessible to third parties.

trippy's primary storage is kept on a dual-ported disk array. Mount this array on trusty read-only. Perform all Tripwire-related operations on trusty: initializing the database, running integrity checks, and so forth. The Tripwire database, binaries, keys, policy, and configuration are likewise kept on trusty. Since trusty is inaccessible via any network, your Tripwire checks will be as reliable as the physical security of trusty.