Re: How reliable is "debsums"?
On Wed, Sep 25, 2002 at 03:59:05PM -0400, Matt Zimmerman wrote:
>
> The same applies for any intrusion detection tool, including the ones you
> mention below.
(...)
Not quite exact.
> debsums attempts to detect files which are different from the versions which
> were originally installed from .deb archives. Stuff like tiger and integrit
> attempt to detect files which are different from the versions which were
> installed at some point in the past.
>
Integrit yes. Tiger yes/no. As a matter of fact tiger has:
1.- a module to check against known vulnerable cheksums (not updated for
Debian)
2.- a module that uses tripwire
3.- a module that uses debsums
User can run whichever he likes best. Just FYI.
Regards
Javi
Reply to: