[olug] Security breach?

Kevin sharpestmarble at gmail.com
Fri Jun 8 16:33:21 UTC 2012

On Wed, Jun 6, 2012 at 5:20 PM, Christopher Cashell <topher-olug at zyp.org> wrote:
> On Wed, Jun 6, 2012 at 3:10 PM,  <aric at omahax.com> wrote:
>> Is there something that does a hash compare of all the binaries, installed
>> packages, etc. and can be ran from removable, bootable media?

> [F]or Debian and debian based systems, there's a tool
> called 'debsums' that can check md5 sums of files against the md5
> hashes from the Debian package  they came from.

RPM based distributions have this built in: `rpm -qv $PACKAGE_NAME`
Doing this will verify:
 * file size
 * mode(permissions, file type)
 * md5 checksum
 * device major/minor mismatch(prevents from mounting a good partition
over your virus)
 * readlink(2) path mismatch
 * user ownership
 * group ownership
 * modification time
 * file capability.

More information about the OLUG mailing list