Google
 
Web www.warpedsystems.sk.ca

 Welcome to Warped Systems Tuesday, August 09 2022 @ 02:44 AM CST  
About Us |  Projects |  Services |  Shop | 
Main Menu
Home
Gallery
Submit Article
Calendar
Stats
 RSS Feed
Links
Mail
Search

User Functions
Username:

Password:

Don't have an account yet? Sign up as a New User

Who's Online
Guest Users: 13

Misc
Commonwealth Playlist
A Fan's Guide To Boxing

Recommended Sites
Linux Today
Linux Weekly News


pix pix pix
pix
File Integrity Assessment via SSH   
Monday, January 30 2006 @ 07:33 AM CST
Contributed by: Linegod

HowtoFrom SysAdminMag.com:

File integrity assessment (FIA) tools like Tripwire [1], Samhain [2], AIDE [3], et al. are commonly deployed in organizations to help assist forensic investigation after a security incident and as a host-based intrusion detection tool to help detect unauthorized file system changes (this also makes them useful monitoring tools for existing change control procedures, though that is not the focus of this article). The concept is simple: the administrator creates a configuration file that lists the critical system files and directories that the FIA tool should monitor, then uses the FIA tool to create a database that tracks common parameters about those files, such as permissions and ownerships, file size, and MAC times, along with one or more cryptographic checksums over the file contents (typically via common hashing algorithms like MD5, SHA-1, etc.). The FIA tool is then re-run periodically, and the current state of the file system is compared to the values stored for the various files in the database -- if there are any discrepancies, the files are flagged as having been modified and a report is generated.

Read the full thing at http://www.samag.com/documents/s=9950/sam0602a/0602a.htm

  [ Views:: 1,653 ]  
pix
pix pix pix

Story Options

  • Printable Story Format
  • Trackback

    Trackback URL for this entry: https://www.warpedsystems.sk.ca/trackback.php/20060130073354328

    No trackback comments for this entry.
    File Integrity Assessment via SSH | 0 comments | Create New Account
    The following comments are owned by whomever posted them. This site is not responsible for what they say.

    Created this page in 0.05 seconds


     Copyright © 2022 Warped Systems
     All trademarks and copyrights on this page are owned by their respective owners.
    Subscribe in a reader
    J.P. Pasnak
    Powered By