What methods or add-ons or day to day procedures does everyone use to check the integrity of a system to make sure it’s not compromised. CentOS / Redhat based systems have rpm -Va that you can run to check package files, or you can use md5sum then compare results. What tools are available on IPFire to lock down the system then verify the system integrity?
Hi,
first, please start different topics for different questions.
What methods or add-ons or day to day procedures does everyone use to check the integrity of a system to make sure it’s not compromised. CentOS / Redhat based systems have rpm -Va that you can run to check package files, or you can use md5sum then compare results. What tools are available on IPFire to lock down the system then verify the system integrity?
Well, when it comes to the kernel, an attacker cannot load any custom modules. Most
kernel rootkits are rendered unusable by this. For more details, please refer to:
Core Updates are both signed and encrypted, so if you did not make any modifications to
your firewall, there is little chance to compromise it by attempting to hijack updates.
Also, I am considering upgrading our current IPFire hardware, what benchmarking tools can I run to compare old vs. new systems to see what will work best?
Well, the usual ones, such as iperf3.
Are there any United States-based companies that offer commercial support for IPFire Systems? I know lightning Wire is an option but their based in Germany, and there’s a large timezone difference.
To my knowledge, Lightning Wire Labs handles US-based customers today already.
Thanks, and best regards,
Peter Müller
Thanks for the fast reply, I will post the questions seperately.