Welcome to Warped Systems Tuesday, August 09 2022 @ 02:44 AM CST  
About Us |  Projects |  Services |  Shop | 
Main Menu
Submit Article
 RSS Feed

User Functions


Don't have an account yet? Sign up as a New User

Who's Online
Guest Users: 13

Commonwealth Playlist
A Fan's Guide To Boxing

Recommended Sites
Linux Today
Linux Weekly News

pix pix pix
File Integrity Assessment via SSH   
Monday, January 30 2006 @ 07:33 AM CST
Contributed by: Linegod


File integrity assessment (FIA) tools like Tripwire [1], Samhain [2], AIDE [3], et al. are commonly deployed in organizations to help assist forensic investigation after a security incident and as a host-based intrusion detection tool to help detect unauthorized file system changes (this also makes them useful monitoring tools for existing change control procedures, though that is not the focus of this article). The concept is simple: the administrator creates a configuration file that lists the critical system files and directories that the FIA tool should monitor, then uses the FIA tool to create a database that tracks common parameters about those files, such as permissions and ownerships, file size, and MAC times, along with one or more cryptographic checksums over the file contents (typically via common hashing algorithms like MD5, SHA-1, etc.). The FIA tool is then re-run periodically, and the current state of the file system is compared to the values stored for the various files in the database -- if there are any discrepancies, the files are flagged as having been modified and a report is generated.

Read the full thing at

  [ Views:: 1,653 ]  
pix pix pix

Story Options

  • Printable Story Format
  • Trackback

    Trackback URL for this entry:

    No trackback comments for this entry.
    File Integrity Assessment via SSH | 0 comments | Create New Account
    The following comments are owned by whomever posted them. This site is not responsible for what they say.

    Created this page in 0.05 seconds

     Copyright © 2022 Warped Systems
     All trademarks and copyrights on this page are owned by their respective owners.
    Subscribe in a reader
    J.P. Pasnak
    Powered By