1.\" Copyright (c) 1989, 1990, 1993
2.\" The Regents of the University of California. All rights reserved.
3.\"
4.\" Redistribution and use in source and binary forms, with or without
5.\" modification, are permitted provided that the following conditions
6.\" are met:
7.\" 1. Redistributions of source code must retain the above copyright
8.\" notice, this list of conditions and the following disclaimer.
--- 12 unchanged lines hidden (view full) ---
21.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
22.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
23.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
24.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
25.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
26.\" SUCH DAMAGE.
27.\"
28.\" From: @(#)mtree.8 8.2 (Berkeley) 12/11/93
29.\" $FreeBSD: head/usr.sbin/mtree/mtree.8 141846 2005-02-13 22:25:33Z ru $
30.\"
31.Dd January 11, 2004
32.Dt MTREE 8
33.Os
34.Sh NAME
35.Nm mtree
36.Nd map a directory hierarchy
37.Sh SYNOPSIS
--- 161 unchanged lines hidden (view full) ---
199.It Cm md5digest
200The MD5 message digest of the file.
201.It Cm sha1digest
202The
203.Tn FIPS
204160-1
205.Pq Dq Tn SHA-1
206message digest of the file.
207.It Cm ripemd160digest
208The
209.Tn RIPEMD160
210message digest of the file.
211.It Cm mode
212The current file's permissions as a numeric (octal) or symbolic
213value.
214.It Cm nlink
--- 97 unchanged lines hidden (view full) ---
312.El
313.Sh EXIT STATUS
314.Ex -std
315.Sh EXAMPLES
316To detect system binaries that have been ``trojan horsed'', it is recommended
317that
318.Nm
319.Fl K
320.Cm sha1digest
321be run on the file systems, and a copy of the results stored on a different
322machine, or, at least, in encrypted form.
323The output file itself should be digested using the
324.Xr md5 1
325utility.
326Then, periodically,
327.Nm
328and
329.Xr md5 1
330should be run against the on-line specifications.
331While it is possible for the bad guys to change the on-line specifications
332to conform to their modified binaries, it is believed to be
333impractical for them to create a modified specification which has
334the same MD5 digest as the original.
335.Pp
336The
337.Fl d
338and
339.Fl u
340options can be used in combination to create directory hierarchies
341for distributions and other such things; the files in
342.Pa /etc/mtree
--- 24 unchanged lines hidden (view full) ---
367The
368.Tn SHA-1
369and
370.Tn RIPEMD160
371digests were added in
372.Fx 4.0 ,
373as new attacks have demonstrated weaknesses in
374.Tn MD5 .
375Support for file flags was added in
376.Fx 4.0 ,
377and mostly comes from
378.Nx .
2.\" The Regents of the University of California. All rights reserved.
3.\"
4.\" Redistribution and use in source and binary forms, with or without
5.\" modification, are permitted provided that the following conditions
6.\" are met:
7.\" 1. Redistributions of source code must retain the above copyright
8.\" notice, this list of conditions and the following disclaimer.
--- 12 unchanged lines hidden (view full) ---
21.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
22.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
23.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
24.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
25.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
26.\" SUCH DAMAGE.
27.\"
28.\" From: @(#)mtree.8 8.2 (Berkeley) 12/11/93
29.\" $FreeBSD: head/usr.sbin/mtree/mtree.8 141846 2005-02-13 22:25:33Z ru $
30.\"
31.Dd January 11, 2004
32.Dt MTREE 8
33.Os
34.Sh NAME
35.Nm mtree
36.Nd map a directory hierarchy
37.Sh SYNOPSIS
--- 161 unchanged lines hidden (view full) ---
199.It Cm md5digest
200The MD5 message digest of the file.
201.It Cm sha1digest
202The
203.Tn FIPS
204160-1
205.Pq Dq Tn SHA-1
206message digest of the file.
207.It Cm ripemd160digest
208The
209.Tn RIPEMD160
210message digest of the file.
211.It Cm mode
212The current file's permissions as a numeric (octal) or symbolic
213value.
214.It Cm nlink
--- 97 unchanged lines hidden (view full) ---
312.El
313.Sh EXIT STATUS
314.Ex -std
315.Sh EXAMPLES
316To detect system binaries that have been ``trojan horsed'', it is recommended
317that
318.Nm
319.Fl K
320.Cm sha1digest
321be run on the file systems, and a copy of the results stored on a different
322machine, or, at least, in encrypted form.
323The output file itself should be digested using the
324.Xr md5 1
325utility.
326Then, periodically,
327.Nm
328and
329.Xr md5 1
330should be run against the on-line specifications.
331While it is possible for the bad guys to change the on-line specifications
332to conform to their modified binaries, it is believed to be
333impractical for them to create a modified specification which has
334the same MD5 digest as the original.
335.Pp
336The
337.Fl d
338and
339.Fl u
340options can be used in combination to create directory hierarchies
341for distributions and other such things; the files in
342.Pa /etc/mtree
--- 24 unchanged lines hidden (view full) ---
367The
368.Tn SHA-1
369and
370.Tn RIPEMD160
371digests were added in
372.Fx 4.0 ,
373as new attacks have demonstrated weaknesses in
374.Tn MD5 .
375Support for file flags was added in
376.Fx 4.0 ,
377and mostly comes from
378.Nx .