Fly Boy Mac OS
Fly Boy Mac OS
Click here to return to the 'Track file changes to help with system recovery' hint |
You've basically invented a simplified version of tripwire. Tripwire monitors critical parts of your system for changes (additions/removals/modifications) and alerts you as to what's happening. It's generally a pain to setup, but it will tell you when a file is modified, even if that modification cleverly didn't change the size of the original.
If you're really paranoid the only solution is to install tripwire and have it write its files to some safe place. You can then use those files to cryptographically verify that the contents of your system have not been changed. (Of course if you do make changes you have to update the tripwire database, but that's pretty easy.)
- Dec 07, '06 07:30:00AM. Contributed by: FlyBoy. I travel a fair bit and, on occasion, have the need to print to my home color laser printer. Printer sharing in OS X works great over the local area network (LAN), but trying to print from across the country to my home printer would seem to require opening up my home firewall to the outside.
- If your an OS man,the OS8 plug is fine. Your 15% fuel is fine. NO MORE THAN 15% That is a long stroke 61 so it will run 1 size up from normal 61's The perfect speed prop for a 61 is a 11x7.5 MAS so a 11x8 or 11x9 12x7 for speed IMO. Check the o ring under carb for cracks and gouges. That is an older model and may need replaced.
FLYBOY is a Cheat Code that only works on Dreamcast version of Re-Volt, as known as Hi-Fi mode. It allows increase the car details. Enter 'FLYBOY' as your username to activate it. This article is a stub. @flyboy: Yeah, dual booting. This is an argument I see too often with this sort of thing, but to be quite frank, unless you have software that is necessary for your business concerns, buying a.
I've been using logGen for years to do this.
I did it to see what an app installs, so we can package it up and track the changes for lab builds.
http://freshmeat.net/projects/loggen/?branch_id=49025&release_id=155769 or
http://www.lsa.umich.edu/lsait/admin/mac/software/index.asp
To use it, first run 'sudo /usr/local/sbin/logGen [orig.dat]' then
'sudo /usr/local/sbin/logGen [new.dat] [orig.dat] > changes.txt'
Or to track system binaries use Checkmate:
http://personalpages.tds.net/~brian_hill/checkmate.html
And check out the afp548 article, for links to updates for checkmate:
http://www.afp548.com/article.php?story=20050325082931247
And finally, RADMIND, Fine grain control over the whole system:
http://rsug.itd.umich.edu/software/radmind/
---
Mat X -- VFX Mac Tech
Yeah, I was gonna say. There is a whole field of software dedicated to tracking system software changes and alerting the administrator if anything is changed. And perhaps the best place to start is with TripWire.
Oh, and I should add the URL as there is a commercial version of TripWire, and it's a little harder to find the open source version. It's here: http://sourceforge.net/projects/tripwire/
I wrote a little shell script that gets called by launchd whenever anything in my user or main Library InputManagers or StartupItems directories get changed. I have growl installed so I have the script give me a growl notification as well as e-mailing me a note with the time of the change and the output of a find command on the directories in question.
Would you be willing to post your script here?
---
Jayson --When Microsoft asks you, 'Where do you want to go today?' tell them 'Apple.'
The launchd method described by FlyBoy is along the lines of what I've been wanting to do. launchd seems perfect for building a tripwire system. I would add that UNIX tripwires generally monitor key system components, like commands in /bin and /sbin, for changes that would likely be indicative of a hack. Creating a full featured tripwire system that does this (as well as Mac OS-specific stuff) with launchd probably wouldn't be too difficult, and would have the added benefit of running in the background and providing notification of changes. If ever I get around to building such a beast, I will post about it here.
find ... -mtime ...
using touch
(or something equivalent) to change file modification times, which any cleverly-written trojan/virus would do. The -ctime option for find does a better job at detecting changed files. fseventer
http://www.macupdate.com/info.php/id/19141
If you want an 'official' solution for such things (and quite a few more), look at the Common Criteria Tools from Apple:
http://www.apple.com/downloads/macosx/apple/commoncriteriatools.html
- tripwire – DarwinPorts' integrity assurance and intrusion detection tool
- radmind – tripwire/integrity checking: once a change is detected, can optionally reverse change
Â
FileControl:
A trial version can be downloaded.
Sidekick Vol. 2
Intended for mature audiences
Barry Chase, aka Flyboy, was the faithful sidekick of the Red Cowl... until the day the Cowl was murdered, sending Barry out on his own into a hostile world that ridiculed him. Now the truth is known: the Red Cowl faked his death to ditch Flyboy and now it's time for payback as our story reaches its dark conclusion. Will Flyboy go through with his plans to murder the Red Cowl? What dark secret does Barry carry from his past?
Collects SIDEKICK #7-12.
Fly Boy Mac Os X
Fly Boy Mac OS