Date: Thu, 25 Feb 2016 21:50:38 -0800 From: Robert Ayrapetyan <robert.ayrapetyan@gmail.com> Cc: freebsd-security@freebsd.org Subject: Re: verify FreeBSD installation Message-ID: <56CFE7AE.3080507@gmail.com> In-Reply-To: <A6D06224-5502-4CAC-A88D-951E25466D51@elde.net> References: <56CD2EE3.5080009@gmail.com> <A6D06224-5502-4CAC-A88D-951E25466D51@elde.net>
next in thread | previous in thread | raw e-mail | index | archive | help
Yeah, finally I've decided to re-install from an official iso. I've found some services in crontab I didn't liked at all - they were submitting a lot of info to a third-party servers (officially for monitoring purposes). p.s. Under "instance" I mean a dedicated unmanaged server. On 02/24/16 22:03, Terje Elde wrote: > > > > On 24 Feb 2016, at 05:17, Robert Ayrapetyan <robert.ayrapetyan@gmail.com> wrote: > > > > Hi. Is there any reliable way to verify checksums of all local files for some FreeBSD installation? E.g. I'm using a hoster which provides pre-deployed FreeBSD instances, how can I be sure there are no any patches\changes in a kernel\services etc? Does FreeBSD provides any automated tools for such kind of a verification? > > Just a quick note; if you suspect malicious intent from a competent attacker (your provider in this case), running an IDS-type check won't do. It's possible to use a kernel-module that omits itself when you're looking at the file system after boot for example, so it'd be invisible or look normal when checking the filesystem. > > Since you say "instance", I'm thinking probably VPS, in which case there needs to be a level of trust in the provider anyway, and this probably doesn't apply to you. Just wanted to mention it quickly as an apropos. > > Terje >
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?56CFE7AE.3080507>