-----BEGIN PGP SIGNED MESSAGE----- After fiddling with tripwire, I decided to create a lighter and faster file data intergrity tool. I found tripwire (now a commercial product) to be too heavy and slow for my needs. L6 is a file data integrity checker using both the MD5 and SHA-1 hash algorithms. This tool can detect file tampering based on hashes generated by both algorithms and other inode information (not as reliable tho). It also provides a useful, lightweight and flexible interface (written in perl) to verify file data integrity, and the output and functionality resembles that of L5 (a similar tool written in C by hobbitat_private). Here are a few examples: gilbert@paranoia> cat l6 | l6 - -sha1 Using digest version SHA-1, library version 1.2 - -STANDARD INPUT-//X - - - [-,-] 6048 bytes 4516d5c3bd3699ec63ddfd3b175574e738cbf013 gilbert@paranoia> echo squeamish ossifrage | l6 - - -STANDARD INPUT-//X - - - [-,-] 20 bytes 9469c6c14b5ed78b8aef396d2f9f96d7 gilbert@paranoia> l6 /etc /etc/sshd.pid//text 649608 100666 1 root/root 6 bytes 365de054 5dc552f3cac7db7d02285733b0febc0e /etc/ftphosts//text 649607 100600 1 root/sys 190 bytes 36124491 d6bbb0d28e5f68d2afe01be0a72831d7 /etc/sendmail.cf//text 649534 100644 1 root/other 31497 bytes 365e70e9 545abca428e2dc807c69914b64231335 L6 many more options, and is approx. 40% faster than it's C conterpart. It's open source. It's free. <BIG BANNER HERE> I am donating this tool to the general security community for improvement and comments. http://www.pgci.ca/l6.html Cheers, - -- Patrick Gilbert +1 (514) 865-9178 CEO, PGCI http://www.pgci.ca Montreal (QC), Canada CE AB B2 18 E0 FE C4 33 0D 9A AC 18 30 1F D9 1A -----BEGIN PGP SIGNATURE----- Version: 2.6.2 iQCVAwUBNnkH1PweOHTzUVddAQG8lwP8DzMllSNOBQMlHC7a9cD4gIi9TjHmc2E0 beanOiAsd7WwhKFvXzfkya5pRpGNXxsE1NpgtW0caFA62xgqb8hTWXV4gdti3T/V bKApaHZEJSzuvPEPUWz2LQwuLjIdl76iwTO1m1gJU/D/mwNs3cYnBLL1xW8P8iZx KO5vkw7zAY8= =/k5E -----END PGP SIGNATURE-----
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:25:08 PDT