
FCheck - File Integrity Checking

리눅스 엔지니어였던 2008. 9. 15. 17:26
Related site

http://www.openphp.com/board/board_center?Type=View&tb_name=board_linux_study&id=26&start=0

On the first run, a result like the following is produced. (Source: openphp)

[root@bj-game-1-1 data]# cat data.dbf
# - Host  bj-game-1-1
# - OS  Linux 2.4.21
# - Database Creation  Apr 25 19:19 2004
# - Uname  Linux bj-game-1-1 2.4.21 #2 SMP Wed Apr 7 06:54:34 CST 2004 i686 unknown
# - FCheck by Michael A. Gumienny
# - - - - -> BEGIN FILES <- - - - -
1900546!33188!0!1082949587!/home/kkang/fcheck/logs/sol.dbf!NOCRC
# - - - - -> END FILES <- - - - -
# - - - - -> BEGIN Directory /etc/ <- - - - -
229425!33152!0!1081318760!/etc/.pwd.lock!NOCRC
229421!33188!2434!1081318750!/etc/DIR_COLORS!NOCRC
229524!33188!81214!1081319010!/etc/Muttrc!NOCRC
278529!16877!4096!1081318865!/etc/X11!NOCRC
344065!16877!4096!1081319053!/etc/X11/applnk!NOCRC
16461!16877!4096!1081319053!/etc/X11/applnk/Applications!NOCRC
16462!33188!930!1081319053!/etc/X11/applnk/Applications/emacs.desktop!NOCRC
425986!16877!4096!1081318827!/etc/X11/applnk/System!NOCRC
426159!33188!276!1081318827!/etc/X11/applnk/System/cups.desktop!NOCRC
425987!33152!264!1081318739!/etc/X11/applnk/System/setuptool.desktop!NOCRC
98391!16877!4096!1081318870!/etc/X11/fs!NOCRC
98393!33188!1130!1081318870!/etc/X11/fs/config!NOCRC
278546!33261!1310!1081318794!/etc/X11/prefdm!NOCRC
360449!16877!4096!1081318719!/etc/X11/serverconfig!NOCRC


If someone has touched a file, the output looks like the following.
For the test, I created a file named /bin/fcheck-test.

[root@bj-game-1-1 fcheck]# ./fcheck -a

PROGRESS: validating integrity of Files
STATUS: passed...


PROGRESS: validating integrity of /etc/
STATUS:
        WARNING: [bj-game-1-1] /etc/adjtime
        [Times: Apr 25 15:49 2004 - May 13 15:50 2004]

        WARNING: [bj-game-1-1] /etc/hosts.deny
        [Sizes: 7644 - 10120, Times: Apr 25 14:15 2004 - May 13 16:03 2004]

        WARNING: [bj-game-1-1] /etc/ioctl.save
        [Times: Apr 22 21:14 2004 - May 13 02:45 2004]

        WARNING: [bj-game-1-1] /etc/mail/statistics
        [Times: Apr 25 14:59 2004 - May 13 14:59 2004]

        WARNING: [bj-game-1-1] /etc/mtab
        [Inodes: 229632 - 229633, Times: Apr 22 21:14 2004 - May 13 02:45 2004]

        WARNING: [bj-game-1-1] /etc/portsentry/portsentry.blocked.atcp
        [Sizes: 2763 - 0, Times: Apr 25 14:15 2004 - May 13 17:06 2004]

        WARNING: [bj-game-1-1] /etc/portsentry/portsentry.blocked.audp
        [Times: Apr 22 21:14 2004 - May 13 17:06 2004]

        WARNING: [bj-game-1-1] /etc/portsentry/portsentry.history
        [Sizes: 69630 - 81875, Times: Apr 25 14:15 2004 - May 13 16:03 2004]

        WARNING: [bj-game-1-1] /etc/portsentry/portsentry.ignore
        [Times: Apr 22 21:14 2004 - May 13 17:06 2004]

        WARNING: [bj-game-1-1] /etc/ssh2/random_seed
        [Times: Apr 25 19:19 2004 - May 13 17:01 2004]

PROGRESS: validating integrity of /bin/
STATUS:
        ADDITION: [bj-game-1-1] /bin/fcheck-test
        Inode   Permissons      Size    Created On
        327810  -rw-r--r--      0       May 13 17:21 2004

PROGRESS: validating integrity of /usr/bin/
STATUS:passed...


PROGRESS: validating integrity of /sbin/
STATUS:passed...


PROGRESS: validating integrity of /usr/sbin/
STATUS:passed...


PROGRESS: validating integrity of /lib/
STATUS:passed...


PROGRESS: validating integrity of /usr/lib/
STATUS:passed...


PROGRESS: validating integrity of /usr/local/lib/
STATUS:fcheck: Error: Baseline does not match configuration file on _usr_local_lib_
terminating...

It catches the change uncannily well..-0-
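The data.dbf records and the WARNING/ADDITION report above suggest how the check works: each baseline line stores inode, mode, size and mtime per path, and a later run compares those against the live filesystem. The Python below is an added example, not FCheck's code and not from the original post; it parses that record format and re-checks a directory tree. Assumptions: the field order is inferred from the sample lines on this page, DELETION and Permissions are this example's own labels, and demo() works on constructed files in a temporary directory.

```python
import os
import tempfile
from collections import namedtuple

# Field order inferred from this page's data.dbf (assumption): inode!st_mode!size!mtime!path!NOCRC
Entry = namedtuple("Entry", "inode mode size mtime path crc")
LABELS = ("Inodes", "Permissions", "Sizes", "Times")

def parse_baseline(text):
    """Return {path: Entry}; '#' lines are header and section markers."""
    entries = {}
    for line in text.splitlines():
        if line.strip() and not line.startswith("#"):
            # Split from both ends so a '!' inside a path cannot shift fields.
            inode, mode, size, mtime, rest = line.strip().split("!", 4)
            path, crc = rest.rsplit("!", 1)
            entries[path] = Entry(int(inode), int(mode), int(size), int(mtime), path, crc)
    return entries

def state(path):
    st = os.lstat(path)  # lstat: record a symlink itself, not its target
    return (st.st_ino, st.st_mode, st.st_size, int(st.st_mtime))

def compare(entries, root):
    """Diff a baseline that covers root against the live tree below root."""
    seen = {os.path.join(d, n) for d, subs, files in os.walk(root) for n in subs + files}
    findings = [("ADDITION", p, ()) for p in seen - set(entries)]
    findings += [("DELETION", p, ()) for p in set(entries) - seen]  # example's own label
    for path in seen & set(entries):
        changed = tuple(l for l, a, b in zip(LABELS, entries[path][:4], state(path)) if a != b)
        if changed:
            findings.append(("WARNING", path, changed))
    return sorted(findings)

def demo():
    """Constructed scenario: baseline a temp tree, tamper with it, re-check."""
    with tempfile.TemporaryDirectory() as root:
        paths = [os.path.join(root, n) for n in ("hosts.deny", "adjtime", "gone")]
        for path in paths:
            open(path, "w").close()
            os.utime(path, (1081318750, 1081318750))  # constructed timestamp
        dbf = "# header\n" + "\n".join("{}!{}!{}!{}!{}!NOCRC".format(*state(p), p) for p in paths)
        os.truncate(paths[0], 64)                              # size and mtime change
        os.utime(paths[1], (1081318750, 1084434600))           # mtime only
        os.remove(paths[2])                                    # baseline path disappears
        open(os.path.join(root, "fcheck-test"), "w").close()   # new file, as in the post
        return [(k, os.path.basename(p), c) for k, p, c in compare(parse_baseline(dbf), root)]

if __name__ == "__main__":
    print(*demo(), sep="\n")
```

With NOCRC records, a change that restores the original size and mtime on the same inode would not show up in this comparison, because no content hash is stored.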