The tool is now ready to be downloaded at
http://www.elstel.org/debcheckroot.
Feedback will be highly appreciated!
Am 28.01.2014 11:40, schrieb Elmar Stellnberger:
Dear Debian-Security
Having just released debcheckroot I wanna shortly present you my new tool:
It was originally designed as a replacement for debsums and has the following
qualities:
* full support of Debian repos reading /etc/[apt/]sources.list to fetch
checksums online
* it can check a Debian installation remotely from any Unix-like system just
requiring perl, gzip, bzip2 and tar
* it does not require a chroot into or any tools of the installation to be
checked;
debcheckroot is thus the better choice when it comes to security (chroots
may infect the freshly booted system);
The checkroot family of programs has already proven to spot various rootkits
not detected by chkrootkit and rkhunter
* usage of checksums in the package header by default rather than locally
stored ones (insecure if not backed up on f.i. an USB-stick); fast unpacking on
the fly into memory without the creation of temporary files
* nicely formatted output into files for later analysis
… and all of that in just a 930 lines of code.
Though debcheckroot is currently still licensed under S-FSL I am ready to
re-publish under any license you like
if you can at least promise me to maintain the necessary support infrastructure
for it:
* sha256sums rather than the bit old fashioned md5sums
* checksums for all packages in the core distro (some are still missing md5sums)
i.e. we would have to update debhelper to create shasums in addition to md5sums
and enable this for all packages
--
To UNSUBSCRIBE, email to [email protected]
with a subject of "unsubscribe". Trouble? Contact [email protected]
Archive: https://lists.debian.org/[email protected]
