Recently my uni server has been hacked, among other things the intruders replaced the ssh client with one that sends any passwords to a site in Hungary. In the meantime I probably logged into my home server from there, so I have to assume they have harvested my password, logged into my home server and given it the same treatment. Of course I can zero in on the ssh client itself, perhaps remove and reinstall openssh using dpkg, but more generally, I would like to use dpkg to verify all installed files against the distribution release after having used digital signatures to verify the package files. Is this possible? Also, can dpkg tell me if other stuff has turned up in directories such as /sbin, i.e. list any files that aren't under package management?
Many thanks,
cheers, Nick
Bookmarks