Olaf Meeuwissen writes: >[EMAIL PROTECTED] (William R. Ward) writes: > >> One way to test if you have been hacked is to run an MD5 checksum of >> key binaries and look to see if it's been replaced by the intruder. >> Is there any place where the MD5 sums of individual executable files >> (not the .deb files, but the /usr/bin/xxxx files that come from them) >> can be obtained? > >The info you're looking for can, for most packages at least, be found >in /var/lib/dpkg/info/*.md5sums. These files have MD5 sums for all >files included in the .deb. > >Note that if you get hacked you can no longer rely on these files (so >put them some place safe *before* you let other folks use or connect >to your machine). Of course, /usr/bin/md5sum is also suspect and can >not be relied upon to tell you the truth.
Of course. I'd have to burn a CDROM or something. But it's something I've been meaning to find out about, just in case... -- William R Ward [EMAIL PROTECTED] http://www.bayview.com/~hermit/ ----------------------------------------------------------------------------- "Those are my principles. If you don't like them I have others."-Groucho Marx
