1 |
Agreed. That's why I'd use a service specifically designed for this |
2 |
like Samhain. |
3 |
|
4 |
jbw |
5 |
|
6 |
Christian Schwede wrote: |
7 |
> Right. But this still isn't that useful - for watching binary files it's |
8 |
> ok, but you wouldn't recognize changes to config files etc. |
9 |
> So you have to store a seperate md5sum file/tree. |
10 |
> Anyway - bevor bringing a server online you could burn this dir-tree to |
11 |
> a cd or something else and verify which changes to binary files (trojans |
12 |
> etc.) were made in case of a compromise. But then you have to store |
13 |
> always an actual tree of /var/db/pkg/* - Huh... |
14 |
> |
15 |
> Just my 2 cents. |
16 |
> |
17 |
> Christian |
18 |
> |
19 |
> Joby Walker wrote: |
20 |
> |
21 |
>> They are not discussing the MD5s stored in the portage tree but the |
22 |
>> MD5s that are generated and stored in the CONTENTS files |
23 |
>> (/var/db/pkg/*/*/CONTENTS), which are the compiled binaries. |
24 |
> |
25 |
> |
26 |
> |
27 |
> |
28 |
> -- |
29 |
> gentoo-security@g.o mailing list |
30 |
> |
31 |
|
32 |
|
33 |
-- |
34 |
gentoo-security@g.o mailing list |