verify FreeBSD installation
Robert Ayrapetyan
robert.ayrapetyan at gmail.com
Fri Feb 26 05:50:40 UTC 2016
Yeah, finally I've decided to re-install from an official iso.
I've found some services in crontab I didn't liked at all - they were submitting a lot of info to a third-party servers (officially for monitoring purposes).
p.s. Under "instance" I mean a dedicated unmanaged server.
On 02/24/16 22:03, Terje Elde wrote:
>
>
> > On 24 Feb 2016, at 05:17, Robert Ayrapetyan <robert.ayrapetyan at gmail.com> wrote:
> >
> > Hi. Is there any reliable way to verify checksums of all local files for some FreeBSD installation? E.g. I'm using a hoster which provides pre-deployed FreeBSD instances, how can I be sure there are no any patches\changes in a kernel\services etc? Does FreeBSD provides any automated tools for such kind of a verification?
>
> Just a quick note; if you suspect malicious intent from a competent attacker (your provider in this case), running an IDS-type check won't do. It's possible to use a kernel-module that omits itself when you're looking at the file system after boot for example, so it'd be invisible or look normal when checking the filesystem.
>
> Since you say "instance", I'm thinking probably VPS, in which case there needs to be a level of trust in the provider anyway, and this probably doesn't apply to you. Just wanted to mention it quickly as an apropos.
>
> Terje
>
More information about the freebsd-security
mailing list