From owner-freebsd-isp  Mon Oct 28 09:26:22 1996
Return-Path: owner-isp
Received: (from root@localhost)
          by freefall.freebsd.org (8.7.5/8.7.3) id JAA12945
          for isp-outgoing; Mon, 28 Oct 1996 09:26:22 -0800 (PST)
Received: from house.multinet.net (house.multinet.net [204.138.173.37])
          by freefall.freebsd.org (8.7.5/8.7.3) with SMTP id JAA12927
          for <freebsd-isp@freebsd.org>; Mon, 28 Oct 1996 09:26:15 -0800 (PST)
Received: (from graydon@localhost) by house.multinet.net (8.6.12/8.6.12) id MAA17061; Mon, 28 Oct 1996 12:25:31 -0500
Date: Mon, 28 Oct 1996 12:25:31 -0500 (EST)
From: "Graydon Hoare ()" <admin@multinet.net>
To: Victor Hugo Velasco Esparza <vvelasco@acnet.net>
cc: freebsd-isp@freebsd.org
Subject: RE: Hackers
In-Reply-To: <01BBC4BF.CDAD39A0@site>
Message-ID: <Pine.BSF.3.91.961028121645.16787C-100000@house.multinet.net>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-isp@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk

On Mon, 28 Oct 1996, Victor Hugo Velasco Esparza wrote:

> 	How I can get a checksum of my inetd deamons?

md5 /usr/local/libexec/* >checkfile.old

or

cksum /usr/local/libexec/* >checkfile.old

take checkfile off the machine, on a floppy, or encrypt it and hide it 
somewhere unsuspicious. next day, diff checkfile.new and checkfile.old.

Anyone modifies your daemons, it might give you a clue. Then again, if 
you have superhackers from hell, maybe they've thought of that... md5 is 
a lot harder to fake.

-graydon
__________________________________________________________
I used to think that my brain was the most important organ 
in my body, but then I realized who was telling me this