From owner-freebsd-questions@FreeBSD.ORG Tue Feb 10 11:21:54 2004 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id CDA0816A4CE for ; Tue, 10 Feb 2004 11:21:54 -0800 (PST) Received: from bmyster.com (loqtis.bmyster.com [65.162.190.7]) by mx1.FreeBSD.org (Postfix) with ESMTP id 4335943D31 for ; Tue, 10 Feb 2004 11:21:54 -0800 (PST) (envelope-from misterb@bmyster.com) Received: from loqtis.bmyster.com (localhost.bmyster.com [127.0.0.1]) by bmyster.com (8.12.10/8.12.10) with ESMTP id i1AJaxvu012407 for ; Tue, 10 Feb 2004 14:36:59 -0500 (EST) Received: (from www@localhost) by loqtis.bmyster.com (8.12.10/8.12.10/Submit) id i1AJarFL012406; Tue, 10 Feb 2004 14:36:53 -0500 (EST) X-Authentication-Warning: loqtis.bmyster.com: www set sender to misterb@bmyster.com using -f Received: from 207.5.142.198 (SquirrelMail authenticated user mrb) by new.host.name with HTTP; Tue, 10 Feb 2004 14:36:53 -0500 (EST) Message-ID: <34605.207.5.142.198.1076441813.squirrel@new.host.name> Date: Tue, 10 Feb 2004 14:36:53 -0500 (EST) From: "Brent Bailey" To: questions@freebsd.org User-Agent: SquirrelMail/1.4.0 MIME-Version: 1.0 Content-Type: text/plain;charset=iso-8859-1 X-Priority: 3 Importance: Normal Subject: checking checksums on binaries and checking for rootkits X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list Reply-To: misterb@bmyster.com List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 10 Feb 2004 19:21:54 -0000 hello, im using FBSD 4.9 ... IS there a way to check the checksum on binairies like "ls , ps" etc.. to check for rootkits ? On Solaris you can run md5 on a binary and compare it against a utility on SUNS website that will cehck the finger print to see whether the binary is part of a rootkit or the original binary. Does Freebsd have a tool like this ? -- Brent Bailey