Yeah, finally I've decided to re-install from an official iso.
I've found some services in crontab I didn't liked at all - they were
submitting a lot of info to a third-party servers (officially for monitoring
purposes).
p.s. Under "instance" I mean a dedicated unmanaged server.
On 02/24/16 22:03, Terje Elde wrote:>
>
> > On 24 Feb 2016, at 05:17, Robert Ayrapetyan <robert.ayrapetyan at
gmail.com> wrote:
> >
> > Hi. Is there any reliable way to verify checksums of all local files
for some FreeBSD installation? E.g. I'm using a hoster which provides
pre-deployed FreeBSD instances, how can I be sure there are no any
patches\changes in a kernel\services etc? Does FreeBSD provides any automated
tools for such kind of a verification?
>
> Just a quick note; if you suspect malicious intent from a competent
attacker (your provider in this case), running an IDS-type check won't do.
It's possible to use a kernel-module that omits itself when you're
looking at the file system after boot for example, so it'd be invisible or
look normal when checking the filesystem.
>
> Since you say "instance", I'm thinking probably VPS, in which
case there needs to be a level of trust in the provider anyway, and this
probably doesn't apply to you. Just wanted to mention it quickly as an
apropos.
>
> Terje
>