Ingemar, I think tripwire is a better approach -- see the package with the same name.
Regards, Alex. --- PGP/GPG Fingerprint: EFD1 AC6C 7ED5 E453 C367 AC7A B474 16E0 758D 7ED9 -----BEGIN GEEK CODE BLOCK----- Version: 3.12 GCM d- s:+ a--- C++++ UL++++ P L+++ E W++ N o-- K- w O--- M- V- PS+ PE- Y PGP t+ 5 X- R tv+ b DI--- D+ G e-- h++ r--- y ------END GEEK CODE BLOCK------ On Wed, 26 Apr 2000, Ingemar Fällman wrote: > Hi > > All debfiles has checksums right?? These checksums can be used to verify if a > file > has been changed, so therefore checksums can be used to check if someone has > hacked my computer and installed a rootkit right?? > > But I can't use the checksums on my computer that was installed with the > package because > a hacker could have exchanged them as well as other files, and I would not > know about it. > > And to download all debfiles and extrakt the checksums takes alot of time and > alot of > diskspace. > > Why don't put all the checksums on an ftp, and make a debian package that > checks > all files (or just some packages) on the computer for changes. Then it would > make it > very easy to detect if anyone has hacked in to the computer and changed any > files. > > What do you guys think about that?? > > /Ingemar > > > -- > To UNSUBSCRIBE, email to [EMAIL PROTECTED] > with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED] >