Re: How reliable is "debsums"?
On Wed, Sep 25, 2002 at 03:59:05PM -0400, Matt Zimmerman wrote:
> The same applies for any intrusion detection tool, including the ones you
> mention below.
Not quite exact.
> debsums attempts to detect files which are different from the versions which
> were originally installed from .deb archives. Stuff like tiger and integrit
> attempt to detect files which are different from the versions which were
> installed at some point in the past.
Integrit yes. Tiger yes/no. As a matter of fact tiger has:
1.- a module to check against known vulnerable cheksums (not updated for
2.- a module that uses tripwire
3.- a module that uses debsums
User can run whichever he likes best. Just FYI.