OpenWrt Forum Archive

Topic: Monitoring filesystem unauthorized modification

The content of this topic has been archived on 25 Apr 2018. There are no obvious gaps in this topic, but there may still be some posts missing at the end.

Hi,

Do you know if we have the "integrit" tool on our OpenWRT?
This allows us to follow whether some unauthorized modification has been made on the file system of OpenWRT.
http://www.debian-administration.org/articles/49

If we do not have this "integrit" package, what can we use in place of it that is available on OpenWRT (Attitude Adjustment)?

Sincerely thanks and have a nice day,

Miguipda ;-)

Well, let's consider you are talking about OpenWRT on small routers (with some MB of disk). When using squashfs, there is a base filesystem (rom) and the changes (/overlay). The overlay is generally only modified when some config is changed or when a package is installed. As it is very small and does not change frequently, just hash it all, copy all its contents to remote storage every hour, anything.

As you are concerned about security, you would need an external syslog server, as OpenWRT uses volatile storage for it.
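
The "just hash it all" suggestion in the reply above, written out as an added example that is not part of the original posts: it records a SHA-256 manifest of a directory tree and reports files added, removed or modified since the baseline. The function names are hypothetical, and it assumes busybox `find`, `sha256sum`, `sort` and `awk` are present on the router.

```shell
#!/bin/sh
# Added example (not from the thread): hash-manifest check for the overlay.
# Assumes busybox find, sha256sum, sort and awk are installed on the router.

# Print a sorted "hash  path" manifest of every regular file under $1.
make_manifest() {
    find "$1" -type f -exec sha256sum {} \; | sort -k 2
}

# Compare baseline manifest $1 with current manifest $2.
# Prints ADDED/REMOVED/MODIFIED lines; returns 1 if anything differs.
compare_manifests() {
    awk -v base="$1" '
        BEGIN {
            # sha256sum lines: 64 hex chars, two separator chars, then path
            while ((getline line < base) > 0)
                old[substr(line, 67)] = substr(line, 1, 64)
        }
        {
            path = substr($0, 67); hash = substr($0, 1, 64)
            if (!(path in old))         { print "ADDED " path; bad = 1 }
            else if (old[path] != hash) { print "MODIFIED " path; bad = 1 }
            delete old[path]
        }
        END {
            for (p in old) { print "REMOVED " p; bad = 1 }
            exit bad + 0
        }
    ' "$2"
}

# check_tree DIR BASELINE: first run records the baseline, later runs compare.
# Keep BASELINE outside DIR, ideally on storage the router cannot rewrite.
check_tree() {
    new="${TMPDIR:-/tmp}/manifest.$$"
    make_manifest "$1" > "$new"
    if [ ! -f "$2" ]; then
        mv "$new" "$2"
        echo "baseline created: $2"
        return 0
    fi
    rc=0
    compare_manifests "$2" "$new" || rc=$?
    rm -f "$new"
    return "$rc"
}
```

On the router this would be run from cron as, for example, `check_tree /overlay /mnt/usb/overlay.sha256` (the baseline path is an assumption), with any output piped to `logger` so it reaches the external syslog server.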

The discussion might have continued from here.