SELinux last straw
Jacques B.
jjrboucher at gmail.com
Wed Oct 17 23:49:49 UTC 2007
On 10/17/07, Les Mikesell <lesmikesell at gmail.com> wrote:
> Jacques B. wrote:
> >
> > You can't honestly suggest that there should be a tool that can check
> > your entire system for any evidence of intrusion and fix it?
>
> Well yes... Since there isn't a handier one, I usually do it by
> restoring a backup from a time when I trusted the machine into a
> subdirectory of some other machine, then running rsync -avn against the
> live one to see what has changed.
>
> --
> Les Mikesell
> lesmikesell at gmail.com
Well if that's the approach you take, I would suggest you use md5deep
instead and use hashing as a means of verifying files on your system
with those from a trusted backup.
Jacques B.
More information about the fedora-list
mailing list