Linux / UNIX: Find out if your configuration files / security settings changed or not
How do you find out that somebody has accessed your system and changed your configuration or security settings? How do you verify file content? There is no simple answer to these questions. Personally, I use specialized tool such as tripwire and combination of perl / shell script, UNIX command line utilities.
Examine methods of storing and later checking the validity of your configuration files is one of the key task. This article provides some guideline. You will develop a script that you can use to generate information that checks the validity of a file or directory full of files. The recorded information includes the file path, a checksum of the file so that you can compare the file contents, and unique information about the file (inode, permissions, ownership information) so that you can identify differences should they occur:
The typical UNIX administrator has a key range of utilities, tricks, and systems he or she uses regularly to aid in the process of administration. There are key utilities, command-line chains, and scripts that are used to simplify different processes. Some of these tools come with the operating system, but a majority of the tricks come through years of experience and a desire to ease the system administrator's life. The focus of this series is on getting the most from the available tools across a range of different UNIX environments, including methods of simplifying administration in a heterogeneous environment.
=> Systems Administration Toolkit: Testing system validity
You may also be interested in other helpful articles:
- Check BIND - DNS Server configuration file for errors with named-checkconf tools
- Debian Linux How to find out if installed package is from stable or testing environment
- Easy Linux or UNIX Network Load Testing
- Linux hide files so that no one can see it
- Linux automated GUI testing with python based Dogtail tool
Discussion on This Article:
Leave a Reply
We encourage your comments, and suggestions. But please stay on topic, be polite, and avoid spam. Thank you very much for stopping by our site!
Tags: checksum, configuration_files, heterogeneous_environment, security_settings, shell_script, systems_administration, tripwire, unix_administrator, Unix_command_line, validity
If you use cfengine put the files or directories under the “files” section, and/or sync the files through “copy”. Not only will it alert you within the hour if things change, but you can have it fix it for you.
Sean
Are you guys talking about the free version of tripwire or the paid one?