On Mon, Sep 22, 2003 at 03:25:27PM -0400, help@xxxxxxxxxxx wrote:
> Hello,
>
> It?s my understanding that it is possible to insert a Red Hat distribution
> disk into CD rom drive of a server and run an MD5 or checksum test to
> determine if any of the OS files have been altered or compromised in any
> way. If correct, what is the procedure and command syntax to do this?
Depends on how you want to do it. First, import Red Hat's gpg key
(preferred), or add the appropriate command line switch to the rpm
call below to disable gpg key checking. Then get the MD5SUM file and
verify its gpg signature:
gpg --verify MD5SUM
Then checksum the image(s):
md5sum <path>
where <path> may be your CD-ROM device, such as /mnt/cdrom.
e.g, for severn:
cat MD5SUM ; md5sum severn-i386-disc*.iso
You should also check individual packages, e.g.:
find <path> -iname "*.rpm" -exec rpm -K {} \; | grep NOT
where silence implies acceptance.
>
> Also if I have installed non RH software on server, how would I go about
> doing checks on non RH applications to make sure those applications have not
> been altered or compromised?
>
> Thanks for any info.
>
>
> --
> Psyche-list mailing list
> Psyche-list@xxxxxxxxxx
> https://www.redhat.com/mailman/listinfo/psyche-list
--
Charles Curley /"\ ASCII Ribbon Campaign
Looking for fine software \ / Respect for open standards
and/or writing? X No HTML/RTF in email
http://www.charlescurley.com / \ No M$ Word docs in email
Key fingerprint = CE5C 6645 A45A 64E4 94C0 809C FFF6 4C48 4ECD DFDB
Attachment:
pgp00922.pgp
Description: PGP signature
