10/13/2017 5:31 PM | |
Joined: 4/28/2015 Last visit: 6/28/2024 Posts: 578 Rating: (43) |
The more dynamic a system becomes the more complex the integrity check gets. The current answer of Linux on this is called IMA - Integrity Measurement Architecture (https://sourceforge.net/p/linux-ima/wiki/Home). It can tell you, e.g., if all changes to a file happened while the system was running in an integer state. Unfortunately, it's not yet commodity technology that you "just enable". |
Follow us on