Bryan Gardiner <bog <at> khumba.net> writes:

> On my most recent update, I had some build failures that led me to
> find that some files on my root partition have been corrupted.  

Pretty open-ended statement, so here are a few ideas.


'eix -cC app-forensics' will give a brief description of tools 
in that app-forensics category, so you can see what you have to
work with. Other tools exist in other categories.

I'm going to ignore the LUKS issues so others can chime in on that issue.


A while back I ran across app-forensics/AIDE:

"Typically, a system administrator will create an AIDE database on a new
system before it is brought onto the network. This first AIDE database is a
snapshot of the system in its normal state and the yardstick by which all
subsequent updates and changes will be measured." [1]


Sounds great as a replacement for tripwire. I have yet to use this,
but it'll be on my next system. You can use the -fetch option to 
download the fresh version of the packages (assuming you have deleted them
first) where you suspect corruption and compile/install those again. 
Then set up AIDE?

Sounds like a great idea for an internet facing server. 

Once you download those replacement packages, just unplug your ethernet
until you are prepared to reconnect.

[1] http://aide.sourceforge.net/stable/manual.html


hth,
James

