A new project I would like to work on:
A simple BSD or Linux boot disk that contains a few utilities for testing for a hacked box. Initially, the system administrator would boot off this floppy and run the initialization utilitity. It would take an MD5 hash of all the files in specific directories (such as /etc, /bin, /sbin and /usr/bin) and store the results in a text file. Later on, the system administrator could boot off this floppy again and run the comparison utility. It would take another MD5 hash of all the files and compare the results.
Doing this in BSD would be easier for me because I have access to many BSD machines. Doing it in Linux would make it much more widely supported. Can the stock Linux kernel mount FFS file systems? I know OpenBSD can mount Ext2 file systems. Red Hat now uses Ext3 by default, so it would only work with older RH systems. Hopefully I will be able to create a boot disk that would work with most any unix system.
This project could also use Tripwire or a pre-made system disk. Or maybe I will just do it all from scratch just to be a jerk.
A simple BSD or Linux boot disk that contains a few utilities for testing for a hacked box. Initially, the system administrator would boot off this floppy and run the initialization utilitity. It would take an MD5 hash of all the files in specific directories (such as /etc, /bin, /sbin and /usr/bin) and store the results in a text file. Later on, the system administrator could boot off this floppy again and run the comparison utility. It would take another MD5 hash of all the files and compare the results.
Doing this in BSD would be easier for me because I have access to many BSD machines. Doing it in Linux would make it much more widely supported. Can the stock Linux kernel mount FFS file systems? I know OpenBSD can mount Ext2 file systems. Red Hat now uses Ext3 by default, so it would only work with older RH systems. Hopefully I will be able to create a boot disk that would work with most any unix system.
This project could also use Tripwire or a pre-made system disk. Or maybe I will just do it all from scratch just to be a jerk.