
Re: Verify packages?



On 02/26/2016 03:05 PM, Hans wrote:
>> Please try (don't need to be root):
>> [...]
> great! This helped. It was tvbrowser and fakturama (both Debian/Ubuntu 
> packages and not from the repo) which interfered.
> 
> I moved the md5sums out of the way during the test.

I would like to note two things:

 - You should try to find out _why_ those programs were causing
   problems: even third-party packages should not misbehave in such
   a way, and this might be an indication for further problems.

 - Irrespective of any of your troubles: note that dpkg --verify and
   debsums are not safe if you want to check against sophisticated
   rootkits. For example, if an attacker modifies the md5sums files
   themselves in addition to some binary (which is what debsums and
   dpkg --verify use), then these tools don't help (and there are
   other possible attacks). Of course, less sophisticated rootkits
   can be detected like that.

   The only truly secure way is to use a boot medium (CD, DVD or USB
   stick) that you've gotten from a trusted source, and then check
   your file system from there. Unfortunately, I don't know of any
   _easy_ way to do so, because while debsums has some options that
   facilitate this, I don't know of any utility that downloads the
   configured APT lists of a given installation, downloads the
   packages that are installed and then checks the installed system
   against those. (You can of course do all that manually to some
   extent, but it gets complicated.)

   For known rootkits you can use the chkrootkit tool (available
   also as a Debian package), but that also has its limitations.

Regards,
Christian
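
The limitation described in the message above, as an added example that is not part of the original e-mail: a check against the md5sums stored on the inspected system passes once an attacker has rewritten them, while the same check against a reference copy obtained elsewhere flags the file. The function names, the path `usr/bin/tool` and the file contents are constructed for illustration; the only format assumed is dpkg's md5sums layout (`<md5hex>  <path relative to />`).

```python
import hashlib
import os
import tempfile

def parse_md5sums(text):
    """Parse dpkg md5sums format: '<md5hex>  <path relative to />' per line."""
    sums = {}
    for line in text.splitlines():
        if line.strip():
            digest, path = line.split(None, 1)
            sums[path.strip()] = digest.lower()
    return sums

def md5_of(path):
    h = hashlib.md5()  # MD5 only because that is what the md5sums files hold
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()

def verify(root, reference):
    """Return sorted (status, path) findings for files under root vs. reference sums."""
    findings = []
    for rel, want in reference.items():
        full = os.path.join(root, rel)
        if not os.path.isfile(full):
            findings.append(("MISSING", rel))
        elif md5_of(full) != want:
            findings.append(("MODIFIED", rel))
    return sorted(findings)

def demo():
    """Constructed scenario: binary replaced and the on-disk md5sums rewritten to match."""
    original, trojan = b"original tool\n", b"backdoored tool\n"
    with tempfile.TemporaryDirectory() as root:
        os.makedirs(os.path.join(root, "usr/bin"))
        with open(os.path.join(root, "usr/bin/tool"), "wb") as f:
            f.write(trojan)
        # What the package shipped (assumed to come from a .deb fetched on trusted media).
        trusted = parse_md5sums(hashlib.md5(original).hexdigest() + "  usr/bin/tool\n")
        # What sits in the inspected system's dpkg info directory after tampering.
        local = parse_md5sums(hashlib.md5(trojan).hexdigest() + "  usr/bin/tool\n")
        db_drift = sorted(p for p in trusted if local.get(p) != trusted[p])
        return verify(root, local), verify(root, trusted), db_drift

if __name__ == "__main__":
    against_local, against_trusted, drift = demo()
    print("local md5sums  :", against_local or "clean")
    print("trusted md5sums:", against_trusted)
    print("md5sums entries differing from trusted copy:", drift)
```

When run from trusted boot media, `root` would be the mount point of the inspected file system, and a non-empty drift list means the md5sums files themselves were altered.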
