Package: wnpp Severity: wishlist * Package name : integcheck Version : 1.0.0 Upstream Author : Mathieu Roy <[EMAIL PROTECTED]> * URL or Web page : https://gna.org/projects/integcheck/ * License : GNU GPL Description : a system integrity checker Item check is written in Perl.
The idea is to check integrity of exposed systems by getting a list of md5 of any important file via ssh, to keep this list on a pretty safe system (a system that do not run any server publicly available), and, finally, to compare everyday this list and with the previous one. As long as the system considered as safe is not compromised, it should inform administrators of any changes on the others systems. As others integrity checker, if its own components are corrupted, it can be fooled. In others words, you cannot have a security policy entirely relying on an integrity checker, and you should always do manual checks regularly to be sure that the integrity checker is not corrupted itself. So what's the point of this tool, if you are still forced to do manual checks? In fact, it is way faster to check integrity of integcheck than integrity of the whole system. On every system you want to monitor, you have to install the integcheck-victim package, and on one computer, at least, you must have to install the integheck-bobby package. The integcheck-victim package provide a specific shell. The integcheck-bobby provide cronjob and scripts to get and compare md5 list. Integcheck is already packaged, using debconf, however the package is not the cleanest possible and some documentation would probably be a nice addition. If someone was willing to package integcheck for Debian, we would gladly collaborate with him, by giving him write access to the repository directly. -- Mathieu Roy +---------------------------------------------------------------------+ | General Homepage: http://yeupou.coleumes.org/ | | Computing Homepage: http://alberich.coleumes.org/ | | Not a native english speaker: | | http://stock.coleumes.org/doc.php?i=/misc-files/flawed-english | +---------------------------------------------------------------------+
