[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: How to securely verify that package-installed files match originals?

On 14/01/21 11:56, Erik Poupaert wrote:

dpkg -V <package>

The reason why I am carrying out this audit is, however, because I somehow
suspect that the system could be compromised.

as suggested you can use debsums

you can also use

* to detect missing or unexplained files

Note: the output can be very very long, save it to a file and set the --ignore flag to directory where you are sure there are no problems

* to detect rootkit

If your system is compromised and try to understand from where they come in or you want to check for vulnerability on your system you can use (I never try these):

To see open security bugs on installed package:

Note that, in theory, your system can be compromised with code in RAM/GPU MEMORY/BIOS/UEFI/... For RAM and similar you can solve restarting your PC with a trusted system, but for others normally you are unable to check if something is wrong and from that PC can be that you cannot start a trusted system

I'm not a security expert, but this thinks is very interesting...


Reply to: