md5mon 1.3b review



License: GPL (GNU General Public License)
File size: 12K
Developer: Serge Winitzki

md5mon checks that certain system files have not been modified, using "md5sum" to compute file checksums. Optionally, the somewhat more secure but slower "shasum" can be used instead of "md5sum".

This is the installation procedure:

Unpack the distribution into a directory such as /usr/local/md5mon or any other directory. The necessary files include "md5mon" and several "dirs_X" and "exclude_X" files, where X is a number (0, 1, ...). The script will create or update all files in the same directory where "md5mon" resides. You may place the directory at an inconspicuous location, for example /etc/X11/app-defaults/xyterm/. You can also make this directory and all files inside it readable only to root and rename "md5mon" to something else, if you feel that it helps improve security. Ancillary file names are also easily configurable by editing the script.

Here are some key features of "md5mon":
There are two main actions: create the checksum lists and verify the checksums. There is also a "packaging" action and a "reconcile" action.

Files are selected by directories and optionally filtered through exclusion lists to prevent scanning of inessential files.

Lists of directories to be monitored are configurable to several "levels" so that the user might put a few of the most important files at one level and a larger number of less crucial files at another level.

The script will report all discrepancies found in checksums to a log file, so it is suitable for cron jobs. One could use the "-q" or "--quiet" option to prevent printing of messages unless mismatches are found.

The "packaging" action can be used to archive all current checksums together with the script and with copies of the "find" and "md5sum" binaries for secure storage on external media. After packaging all your levels securely you can be sure that you will definitely be able to detect any changes to the monitored files.

The script maintains its own integrity checksum in a small file, which may optionally be stored on read-only floppy media or on a remote computer and read at each checkup (the command to get this file must be specified within the script).
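
The create and verify actions described above, as an added example that is not md5mon's own code or command syntax. It uses sha256sum in place of md5sum; the function names, argument layout and sample tree are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example, not md5mon's code. Hypothetical arguments for every function:
#   $1 = list of directories, one per line   $2 = grep -E exclusion patterns
#   $3 = checksum list (the baseline)
# Simplification: paths containing newlines or backslashes are not handled.

fim_sums() {    # print "hash  path" for every selected file
    while IFS= read -r dir; do
        [ -d "$dir" ] && find "$dir" -type f
    done < "$1" | grep -v -E -f "$2" | LC_ALL=C sort |
    while IFS= read -r f; do sha256sum "$f"; done
}

fim_create() {  # write the baseline, readable by its owner only
    ( umask 077; fim_sums "$1" "$2" > "$3" )
}

fim_verify() {  # silent and 0 when clean; report and 1 on any discrepancy
    cur=$(mktemp) || return 2
    fim_sums "$1" "$2" > "$cur"
    report=$(awk '
        FILENAME == ARGV[1] { base[substr($0, 67)] = $1; next }  # baseline
        { p = substr($0, 67); seen[p] = 1
          if (!(p in base)) print "ADDED " p
          else if (base[p] != $1) print "MODIFIED " p }
        END { for (p in base) if (!(p in seen)) print "MISSING " p }
    ' "$3" "$cur" | LC_ALL=C sort)
    rm -f "$cur"
    [ -z "$report" ] && return 0
    printf '%s\n' "$report"
    return 1
}

fim_demo() {    # constructed sample tree with three simulated changes
    d=$(mktemp -d) || return 2
    mkdir "$d/etc" "$d/cache"
    echo 'setting=1' > "$d/etc/app.conf"; echo a > "$d/etc/hosts"
    echo x > "$d/cache/junk"
    printf '%s\n' "$d/etc" "$d/cache" > "$d/dirs_0"
    echo "^$d/cache/" > "$d/exclude_0"
    fim_create "$d/dirs_0" "$d/exclude_0" "$d/sums_0"
    echo 'setting=2' > "$d/etc/app.conf"   # modified
    rm "$d/etc/hosts"                       # missing
    echo new > "$d/etc/extra"               # added
    echo y > "$d/cache/junk"                # excluded, so never reported
    fim_verify "$d/dirs_0" "$d/exclude_0" "$d/sums_0" && rc=0 || rc=$?
    rm -rf "$d"
    return "$rc"
}
```

Because fim_verify prints nothing on a clean run, it behaves like the quiet mode described above when called from cron. A baseline kept on the monitored host can be rewritten along with the files it covers, which is why the page stores checksums and binaries on external media.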

What's New in This Release:
quick bugfix: did not update sums correctly in some cases
