> getting the filehash of all the binaries > installed from the beggining storing all the values in a database (outside > from that box) and then if you think you could be hacked, just run again the > filehash and compare it with the original one you got... This is what tripwire and aide do. Not to mention rpm -v or even md5sum. The hard part is to make sure that your hash tool and its database have not also been tampered with. Dave -- fedora-list mailing list fedora-list@xxxxxxxxxx To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list