| 1 |
Agreed. That's why I'd use a service specifically designed for this |
| 2 |
like Samhain. |
| 3 |
|
| 4 |
jbw |
| 5 |
|
| 6 |
Christian Schwede wrote: |
| 7 |
> Right. But this still isn't that useful - for watching binary files it's |
| 8 |
> ok, but you wouldn't recognize changes to config files etc. |
| 9 |
> So you have to store a seperate md5sum file/tree. |
| 10 |
> Anyway - bevor bringing a server online you could burn this dir-tree to |
| 11 |
> a cd or something else and verify which changes to binary files (trojans |
| 12 |
> etc.) were made in case of a compromise. But then you have to store |
| 13 |
> always an actual tree of /var/db/pkg/* - Huh... |
| 14 |
> |
| 15 |
> Just my 2 cents. |
| 16 |
> |
| 17 |
> Christian |
| 18 |
> |
| 19 |
> Joby Walker wrote: |
| 20 |
> |
| 21 |
>> They are not discussing the MD5s stored in the portage tree but the |
| 22 |
>> MD5s that are generated and stored in the CONTENTS files |
| 23 |
>> (/var/db/pkg/*/*/CONTENTS), which are the compiled binaries. |
| 24 |
> |
| 25 |
> |
| 26 |
> |
| 27 |
> |
| 28 |
> -- |
| 29 |
> gentoo-security@g.o mailing list |
| 30 |
> |
| 31 |
|
| 32 |
|
| 33 |
-- |
| 34 |
gentoo-security@g.o mailing list |
Archives