hashdeep icon indicating copy to clipboard operation
hashdeep copied to clipboard

Published 20 hours ago verified publisher icon jessek

Hashdeep of existing distro linuxes?

Open mrjcleaver opened this issue 7 years ago • 3 comments

Hi - assuming hashdeep is suitable for tracking whole systems, from distro install through the life of the machine, is there an archive of existing hashdeep hashes for popular starting points?

Eg say I start with cantos 7.2 x64 ISO, can I download the fingerprint hash file for that distro?m, rather than having to generate it myself?

Is there them an existing way to note that I expect certain folders to change (/var ) or remain the same (/etc)?

Or should I be looking at sone other tool for that?

Thanks, Martin

mrjcleaver avatar Aug 02 '17 10:08 mrjcleaver

I noted:

  • https://github.com/OWASP/glue
  • https://github.com/raztus/hashup
  • https://github.com/cipherboy/hddb (no documentation)

mrjcleaver avatar Aug 02 '17 12:08 mrjcleaver

It sounds like you're looking for something from Tripwire or its open source tools, https://www.tripwire.com/

jessek avatar Aug 04 '17 18:08 jessek

I'm playing with DirectoryWatch and looking for interested helpers. It's not quite ready yet but your can get it from "https://github.com/stanley3384/DirectoryWatch". It is working but I'm still perfecting it. Maybe I'm shying away from less that perfect. Ian.

stanley3384 avatar Aug 07 '17 17:08 stanley3384