Path: utzoo!utgpu!jarvis.csri.toronto.edu!mailrus!iuvax!cica!tut.cis.ohio-state.edu!purdue!bu-cs!xylogics!world!madd
From: madd@world.std.com (jim frost)
Newsgroups: comp.unix.wizards
Subject: Re: What should go into a security-checking shell script?
Message-ID: <1989Oct25.181041.28925@world.std.com>
Date: 25 Oct 89 18:10:41 GMT
References: <363@nisca.ircc.ohio-state.edu> <MONTNARO.89Oct23142449@sprite.crd.ge.com> <1TDnkx#VBnsh=greg@cheers.UUCP>
Reply-To: madd@world.UUCP (jim frost)
Distribution: usa
Organization: Software Tool & Die
Lines: 14

In article <1TDnkx#VBnsh=greg@cheers.UUCP> greg@cheers.uucp (Greg Onufer) writes:
|A few things to think about:
|	- Compare checksums of all vendor-supplied executables
|	  with known-correct checksums.

Actually it's better to do both a CRC and an inode-change test; the
latter is very fast and fairly difficult to get around portably, the
former is kind of slow but tough to get around.  A combination of the
two is fairly effective.  This kind of test should be done on the
kernel regularly!

jim frost
software tool & die
madd@std.com