Verify Integrity with RPM

An XCCDF Group

Details
Profiles
Prose

Description

The RPM package management system includes the ability to verify the integrity of installed packages by comparing the installed files with information about the files taken from the package metadata stored in the RPM database. Although an attacker could corrupt the RPM database (analogous to attacking the AIDE database as described above), this check can still reveal modification of important files. To list which files on the system differ from what is expected by the RPM database:

$ rpm -qVa

See the man page for rpm to see a complete explanation of each column.

ID: xccdf_org.ssgproject.content_group_rpm_verification
Child Items: 3
Updated: about 1 year ago