Can dpkg check the MD5's of *every* file belonging to a package?
One of the faculty at our university runs RedHat (blech!). He hasn't kept
the packages up to date and, subsequently, has suffered an intrusion. I was
called in as the recovery team.
I discovered that RedHat's rpm package manager has a really cute feature. If
you run "rpm --verify -a", it will check the MD5 sums, user/group
ownerships, sizes, and permissions of all of the files that came in any of
the packages. It's VERY handy for seeing what was messed with after an
intrusion. (It also flags which ones are configuration files so that you
know, of the ones that fail the MD5 check, which ones you shouldn't really
be as worried about).
Does dpkg have something like this?
As a side note, does anyone know if RedHat has a tool like dselect, that
lets you fetch all of the updated packages and install them?