Running Integrity Checks of Installed Files and Executables
When you have a production system, it’s important to monitor that system for changes. Of course, you should not be alarmed every time a new log is added to the /var/log/ directory. However, changes to critical files such as those in the /boot/ and /sbin/ directories may indicate a problem.
To detect such changes, you need to know how to check the integrity of target systems. Sure, you could just set up a checksum on potentially vulnerable partitions or volumes, but that would be imprecise. If there is a problem, the checksum will not specify the files that have changed.
The first method to check the integrity of a system relates to the integrity of installed packages. To that end, commands ...
Get Security Strategies in Linux Platforms and Applications, 3rd Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
