Re: Tripwire style checking using apt/dpkg (security)

To: debian-user@lists.debian.org
Subject: Re: Tripwire style checking using apt/dpkg (security)
From: David Z Maze <dmaze@debian.org>
Date: Mon, 28 Apr 2003 14:19:40 -0400
Message-id: <[🔎] 87u1cia3ib.fsf@cag.lcs.mit.edu>
In-reply-to: <[🔎] 200304281813.53345.steve_debian@ironmountainsystems.com> (Stephen Birch's message of "Mon, 28 Apr 2003 18:13:20 +0100")
References: <[🔎] 200304281813.53345.steve_debian@ironmountainsystems.com>

Stephen Birch <steve_debian@ironmountainsystems.com> writes:

> Since apt/dpkg has access to the CRC of every binary installed on a 
> running system, it seems to make sense that the binaries of a running 
> machine could be verified to make sure there are no trojan horses on 
> the machine.
>
> Does anyone know if a tool like this exists already?

debsums does this, sort of.  But not all packages include md5sum
information (it's not required), and I don't know of any
infrastructure that makes sure that the md5sum files are on trusted
read-only media.  It's still useful for trying to recover from
filesystem corruption, though, and the debsums documentation suggests
a technique for plugging it into APT to generate md5sum files for
packages that don't already have them.

-- 
David Maze         dmaze@debian.org      http://people.debian.org/~dmaze/
"Theoretical politics is interesting.  Politicking should be illegal."
	-- Abra Mitchell

Reply to:

References:
- Tripwire style checking using apt/dpkg (security)
  - From: Stephen Birch <steve_debian@ironmountainsystems.com>

Prev by Date: Re: General jerkiness/pausing of system..
Next by Date: Re: network cards setup
Previous by thread: Tripwire style checking using apt/dpkg (security)
Next by thread: Viewing a .wmv file
Index(es):
- Date
- Thread