Bugtraq mailing list archives
Verifying file data integrity using L6
From: gilbert () PGCI CA (gilbert () PGCI CA)
Date: Thu, 17 Dec 1998 13:31:55 +0000
-----BEGIN PGP SIGNED MESSAGE----- After fiddling with tripwire, I decided to create a lighter and faster file data intergrity tool. I found tripwire (now a commercial product) to be too heavy and slow for my needs. L6 is a file data integrity checker using both the MD5 and SHA-1 hash algorithms. This tool can detect file tampering based on hashes generated by both algorithms and other inode information (not as reliable tho). It also provides a useful, lightweight and flexible interface (written in perl) to verify file data integrity, and the output and functionality resembles that of L5 (a similar tool written in C by hobbit () avian org). Here are a few examples: gilbert@paranoia> cat l6 | l6 - -sha1 Using digest version SHA-1, library version 1.2 - -STANDARD INPUT-//X - - - [-,-] 6048 bytes 4516d5c3bd3699ec63ddfd3b175574e738cbf013 gilbert@paranoia> echo squeamish ossifrage | l6 - - -STANDARD INPUT-//X - - - [-,-] 20 bytes 9469c6c14b5ed78b8aef396d2f9f96d7 gilbert@paranoia> l6 /etc /etc/sshd.pid//text 649608 100666 1 root/root 6 bytes 365de054 5dc552f3cac7db7d02285733b0febc0e /etc/ftphosts//text 649607 100600 1 root/sys 190 bytes 36124491 d6bbb0d28e5f68d2afe01be0a72831d7 /etc/sendmail.cf//text 649534 100644 1 root/other 31497 bytes 365e70e9 545abca428e2dc807c69914b64231335 L6 many more options, and is approx. 40% faster than it's C conterpart. It's open source. It's free. <BIG BANNER HERE> I am donating this tool to the general security community for improvement and comments. http://www.pgci.ca/l6.html Cheers, - -- Patrick Gilbert +1 (514) 865-9178 CEO, PGCI http://www.pgci.ca Montreal (QC), Canada CE AB B2 18 E0 FE C4 33 0D 9A AC 18 30 1F D9 1A -----BEGIN PGP SIGNATURE----- Version: 2.6.2 iQCVAwUBNnkH1PweOHTzUVddAQG8lwP8DzMllSNOBQMlHC7a9cD4gIi9TjHmc2E0 beanOiAsd7WwhKFvXzfkya5pRpGNXxsE1NpgtW0caFA62xgqb8hTWXV4gdti3T/V bKApaHZEJSzuvPEPUWz2LQwuLjIdl76iwTO1m1gJU/D/mwNs3cYnBLL1xW8P8iZx KO5vkw7zAY8= =/k5E -----END PGP SIGNATURE-----
Current thread:
- Verifying file data integrity using L6 gilbert () PGCI CA (Dec 17)
- Re: Verifying file data integrity using L6 Ng Pheng Siong (Dec 18)
- <Possible follow-ups>
- Re: Verifying file data integrity using L6 James R Grinter (Dec 20)
- Re: Verifying file data integrity using L6 Marc SCHAEFER (Dec 20)
- Re: Verifying file data integrity using L6 Curt Sampson (Dec 21)
- Why you should avoid world-writable directories D. J. Bernstein (Dec 21)
- Re: Why you should avoid world-writable directories Darren Reed (Dec 22)
- Re: Why you should avoid world-writable directories Alan Cox (Dec 22)
- Re: Why you should avoid world-writable directories Casper Dik (Dec 23)
- Re: Why you should avoid world-writable directories Martin Forssen (Dec 23)
- Linux PAM (up to 0.64-2) local root compromise Michal Zalewski (Dec 23)