Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP Path: utzoo!linus!wivax!decvax!harpo!seismo!hao!hplabs!sri-unix!Michael.Young@cmu-cs-g From: Michael.Young%cmu-cs-g@sri-unix.UUCP Newsgroups: net.unix-wizards Subject: Re: Ideas on UNIX security Message-ID: <2475@sri-arpa.UUCP> Date: Thu, 23-Jun-83 14:52:55 EDT Article-I.D.: sri-arpa.2475 Posted: Thu Jun 23 14:52:55 1983 Date-Received: Sat, 25-Jun-83 18:26:55 EDT Lines: 12 A reasonable thing to do when doing overnight dumps or filesystem searches (either by cron, or by human operator) is to dump (to a safe tape) a fast checksum of your important binaries, along with their inode information. The inode info will detect major differences (bad modes, sizes, owners), and the checksum will detect even some tricky meddling. It seems that this is worthwhile every so often just to keep an eye on which system maintainers are working on what, and to detect strange disk errors. [Fsck makes sure blocks are arranged right, but not that they contain the right stuff.] Yes, it's expensive, but if you've got the time at night, it can't hurt. Michael