Howto install and use integrit on Packetprotector.
Gnu's Integrit http://integrit.sourceforge.net/
Let's start by downloading the integrit ipk package, contributed by ciscostu.
Navigate to tmp and download the package:
#cd /packetprotector/tmp && wget http://packetprotector.org/download/experimental/integrit_4.1-1_mipsel.ipk
Let's create a directory on the USB (/packetprotector) for storing the configuration file and system state databases.
#mkdir /packetprotector/etc/integrit
#vi /packetprotector/etc/integrit/integrit.conf
Press the insert key and add to the file:
# Global settings
root=/packetprotector
known=/packetprotector/etc/integrit/known.cdb
current=/packetprotector/etc/integrit/current.cdb

# Ignore '!' the following directories because we don't care if their contents are modified.
# All the ones included here are going to be ignored for checks. Just add your own for excluding.
!/mnt
!/dev
!/etc
!/home
!/lost+found
!/proc
!/tmp
!/usr/local
!/usr/src
!/sys
!/var/log
!/var/spool
Save the file by first pressing the ESC key and then SHIFT+: (colon). You can now save the file by typing wq!
Do an update of the current system state:
#integrit -C /packetprotector/etc/integrit/integrit.conf -u
When done you will have a current.cdb file, containing hashes of all your files on your system.
Rename current.cdb to known.cdb, and make sure you copy it to a secure location for later cross-checking.
To check your system for alterations (known.cdb must exist in /packetprotector/etc/integrit/), run:
#integrit -C /packetprotector/etc/integrit/integrit.conf -c
If files have been altered, it will give you warnings and show you when the alterations happened to a specific file.
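The baseline handling from the steps above as a small script. This is an added example, not part of the original howto or the integrit project; the safe-copy directory argument and the INTEGRIT override variable are assumptions, and cmp is assumed to be available on the device. It refuses to run a check when the on-box known.cdb no longer matches the copy kept in the secure location.

```shell
#!/bin/sh
# Added example. Paths follow the howto; the safe-copy directory and the
# INTEGRIT override are assumptions made for this example.
DB_DIR="${DB_DIR:-/packetprotector/etc/integrit}"
CONF="${CONF:-$DB_DIR/integrit.conf}"
INTEGRIT="${INTEGRIT:-integrit}"

# Turn a freshly generated current.cdb into the known.cdb baseline and
# store a second copy in safe_dir (ideally read-only or off-box media).
promote_baseline() {
    safe_dir="$1"
    [ -s "$DB_DIR/current.cdb" ] || {
        echo "no current.cdb in $DB_DIR; run integrit -u first" >&2
        return 2
    }
    mv "$DB_DIR/current.cdb" "$DB_DIR/known.cdb" || return 2
    cp "$DB_DIR/known.cdb" "$safe_dir/known.cdb" || return 2
}

# Run the check only if the on-box baseline is byte-identical to the safe
# copy. A changed known.cdb means the check result cannot be trusted.
checked_run() {
    safe_dir="$1"
    [ -f "$safe_dir/known.cdb" ] || {
        echo "no safe copy in $safe_dir" >&2
        return 2
    }
    if ! cmp -s "$DB_DIR/known.cdb" "$safe_dir/known.cdb"; then
        echo "known.cdb differs from the safe copy; not running check" >&2
        return 3
    fi
    "$INTEGRIT" -C "$CONF" -c
}

# Usage: script promote <safe_dir> | script check <safe_dir>
case "${1:-}" in
    promote) promote_baseline "${2:?safe_dir required}" ;;
    check)   checked_run "${2:?safe_dir required}" ;;
esac
```

Run it with promote once after the integrit -u step, and with check for every later verification.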
For more info, see Integrit's homepage.
/Limpo
