On Sun, Jul 29, 2007 at 12:44:56PM -0700, Jeff D wrote: > On that note, one thing that you might want to consider as part of the > hardening process is to install aide or some other file integrity checker. > Using something like that greatly helps in detecting and identifying issues > such as this.
I use samhain. However, since a compromised system can't reliably check for an intrusion, I use it as a check agains JFS. Since JFS doesn't journal data (just meta-data), it is possible that after a power failure, a file may be missing. Samhain would detect this. For security, you should have the samhain on a live-CD or something with the checksums stored on a CD or USB stick. Doug. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
