Checking the checksum of installed packages
Read the rest of this entry »
Occasionally you just want a bit of piece of mind about your server or Linux install. You may suspect there is somebody who has hacked your computer or even something changed by a package install that shouldnt have been.
Heres a couple of ideas on how to do a quick ‘health’ check on he md5sum of binary packages.
Debian based people should install dlocate and use that
apt-get install dlocate dlocate -md5check openssh-server |
To force a fail try something like this
mv /usr/share/man/man5/sshd_config.5.gz /usr/share/man/man5/sshd_config.5.gz-old echo Boo > /usr/share/man/man5/sshd_config.5.gz dlocate -md5check openssh-server |
For Redhat/Centos etc based servers you can use yum
rpm -qvV openssh
|
Again you can force a fail by changing a file
mv /usr/share/doc/openssh-4.3p2/CREDITS /usr/share/doc/openssh-4.3p2/CREDITS-old echo Boo >/usr/share/doc/openssh-4.3p2/CREDITS rpm -qvV openssh |
For less verbosity just drop the lower case v (so its rpm -qV )