Fcheck - Filesystem Baseline Integrity Checker

Antivirus, forensics, intrusion detection, cryptography, etc.
Post Reply
Message
Author
User avatar
jemimah
Posts: 4307
Joined: Wed 26 Aug 2009, 19:56
Location: Tampa, FL
Contact:

Fcheck - Filesystem Baseline Integrity Checker

#1 Post by jemimah »

This is a perl script that can tell you when files change on your filesystem. It doesn't need any perl modules so it's quite small.

First edit /usr/local/admtools/conf/fcheck.cfg to set up what files you want to monitor.

Then run 'fcheck -ac' to create the initial snapshot.

Then you can run 'fcheck -a' at any time to see if anything has changed.

The script is quite configurable and useful. It also comes in handy for debugging and development work. You could, for instance, use it to find out exactly what's changed in a remaster compared to the original base system.
Attachments
fcheck-2.7.59-14.pet
(32.31 KiB) Downloaded 728 times

Post Reply