Re: Wire tripped

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



jludwig wrote:
On Thursday 06 October 2005 08:58, Scot L. Harris wrote:

On Thu, 2005-10-06 at 08:45, Bill Perkins wrote:

I believe you can use rpm to validate the files on your system.  rpm is
prelink aware.  Check the verify option of rpm.  If that shows things
don't match up then you have a system that may have been compromised.

I'll take a look into that. What is 'prelink'?


Most are executables, some libraries as well (in /usr/lib, openoffice, a
bunch of others).

Prelink is used to modify ELF shared libraries and ELF dynamiclly linked
binaries to reduce startup time.  Check out the man page for prelink to
get more details.

The changes you describe are consistent with prelink.

Yes- after perusing the man page, that makes some sense. However, where did prelink get triggered from? I sure didn't run it.

You could try something like;
--> rpm -vV -a > /root/rpm_verify Then try less the file /root/rpm_verify.

Cool! I've had it running for a few hours now (this is a 1GHz PIII of some sort, with 256M RAM, so it's not the fastest processor on the block), and the output looks reasonable so far. I've just switched to FC4 from Slackware, and I don't know all the ins and outs of rpm, yum, and up2date, so even though I've been using Linux for 10 years now, I'm still on a learning curve (which is why I jumped to Linux in the first place). Thanks for all the help, I'll let you know what I find.

--
-------------------------------------------------------------------------------
"The two most common things in the	| Bill Perkins
 universe are Hydrogen and Stupidity."	| perk@xxxxxxx
					| programmer-at-large
		F. Zappa		| ALL assembly languages done here.
-------------------------------------------------------------------------------


[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux