Posted by: mtlhd
boredom strikes again... - 08/02/02 07:13 AM
Ok, while being bored reading at my desk and trying to configure Tripwire, I had an idea similar to what Tripwire does and that is to check the integrity of binary files. So here's a script that I made. Just pop in a new floppy.
So there it is. It's nothing special and it definitely doesn't replace something like Tripwire or other well-known integrity checkers, but oh well. It's more of a lazy way of doing things...heheh. But it works fairly well. Ok, now you're probably asking yourself, "ok I have the checksums of all the binary files on my system, now what??", well when you think your b0x or b0xen have been compromised, you would make a new checksum list and check it against the previous one that you made. You would check what changes have been made by using the diff command, type man diff or info diff for more info on how to use the command. You can also incorporate all this into a cronjob and have it run weekly or monthly. Whatever you'd like. Well that's it. Can you tell I'm paranoid???
    #!/bin/sh
    # Format the floppy and mount it (this erases whatever is on the disk).
    printf "Making clean filesystem...\n"
    mkfs.ext2 /dev/fd0
    mount /dev/fd0 /mnt/floppy
    cd /mnt/floppy
    # Record which host and network configuration the list belongs to.
    uname -a > master.file
    ifconfig -a >> master.file
    # Append the MD5 checksum of every file in the standard binary directories.
    md5sum /bin/* >> master.file
    md5sum /sbin/* >> master.file
    md5sum /usr/bin/* >> master.file
    md5sum /usr/sbin/* >> master.file
    md5sum /usr/local/bin/* >> master.file
    md5sum /usr/local/sbin/* >> master.file
    chmod 700 master.file
    printf "Finished with system checksum.\n"
    printf "Label the floppy and store in a safe place ;)\n"
    # Leave the mount point before unmounting.
    cd ~
    umount /dev/fd0
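The comparison step described in the post, as an added example that is not part of the original post: master.file also holds uname and ifconfig output (interface packet counters differ on every run), so this sketch compares only the md5sum lines of two lists. The names compare_lists and demo, and the sample host, hashes and paths, are assumptions made up for illustration.

```shell
#!/bin/sh
# Added example (not the poster's script): compare two checksum lists in the
# master.file layout, i.e. uname/ifconfig text followed by md5sum lines.

# Prints ADDED/CHANGED/REMOVED <path>; returns 1 if anything differs.
compare_lists() {
    report=$(awk '
        # Keep only md5sum lines: 32 hex digits, a space, a mode char, a path.
        length($1) != 32 || $1 ~ /[^0-9a-f]/ || substr($0, 33, 1) != " " { next }
        { sum = $1; path = substr($0, 35) }
        side == "old"     { base[path] = sum; next }
        !(path in base)   { print "ADDED   " path; next }
        base[path] != sum { print "CHANGED " path }
        { delete base[path] }
        END { for (p in base) print "REMOVED " p }
    ' side=old "$1" side=new "$2" | LC_ALL=C sort)
    [ -z "$report" ] && return 0
    printf '%s\n' "$report"
    return 1
}

# Constructed sample data: host name, hashes and paths below are made up.
demo() {
    dir=$(mktemp -d) || return 2
    cat > "$dir/old" <<'EOF'
Linux b0x 2.4.18 #1 i686 unknown
eth0      RX packets:1200 errors:0
d41d8cd98f00b204e9800998ecf8427e  /bin/ls
0cc175b9c0f1b6a831c399e269772661  /bin/ps
92eb5ffee6ae2fec3ad71c777531578f  /usr/bin/top
EOF
    cat > "$dir/new" <<'EOF'
Linux b0x 2.4.18 #1 i686 unknown
eth0      RX packets:98431 errors:0
d41d8cd98f00b204e9800998ecf8427e  /bin/ls
4a8a08f09d37b73795649038408b5f33  /bin/ps
8277e0910d750195b448797616e091ad  /usr/local/bin/newtool
EOF
    status=0
    compare_lists "$dir/old" "$dir/new" || status=$?
    rm -rf "$dir"
    return "$status"
}

demo || printf 'checksum lists differ\n'
```

The non-zero return status lets a cron wrapper send mail only when a list differs; the stored list should be read from the write-protected floppy, not from a copy on the machine being checked.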