Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Path: utzoo!linus!wivax!decvax!harpo!seismo!hao!hplabs!sri-unix!Michael.Young@cmu-cs-g
From: Michael.Young%cmu-cs-g@sri-unix.UUCP
Newsgroups: net.unix-wizards
Subject: Re: Ideas on UNIX security
Message-ID: <2475@sri-arpa.UUCP>
Date: Thu, 23-Jun-83 14:52:55 EDT
Article-I.D.: sri-arpa.2475
Posted: Thu Jun 23 14:52:55 1983
Date-Received: Sat, 25-Jun-83 18:26:55 EDT
Lines: 12

A reasonable thing to do when doing overnight dumps or filesystem
searches (either by cron, or by human operator) is to dump (to
a safe tape) a fast checksum of your important binaries, along with
their inode information.  The inode info will detect major
differences (bad modes, sizes, owners), and the checksum will detect
even some tricky meddling.  It seems that this is worthwhile every so
often just to keep an eye on which system maintainers are working
on what, and to detect strange disk errors.  [Fsck makes sure blocks
are arranged right, but not that they contain the right stuff.]
Yes, it's expensive, but if you've got the time at night, it can't hurt.

			Michael