Installing packages, updating packages, removing packages. These basic operations result in lots of tripwire noise. Was the change to /usr/sbin/zic part of a legitimate update, or a super-secret-stealth attack?
At this point I wish I could md5sum every binary and library file managed by the OS and compare that to some authoritative source. Yay, Josh -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected] Archive: http://lists.debian.org/[email protected]
