keeping tabs
 

Is there a way to keep a list of all installed files & folders that were installed originally by any Linux distribution so that I can keep tabs on changes to the file structure? What’s the best way to achieve this with and without installing any additional software? E.g. Is there a way I can keep tabs without say installing Tripwire?

theres numerous programs that could fall into that category

it really depends on what you mean here

like take a list of all files on the system after a fresh install

or keep track of what program's files got installed where

or keep track of a few files to see when they get modified

or maybe keep track of changes to any file on the system?

SciYro,

I would say at this stage all of them.

Can anyone help?

Why would you not want to use a tool like tripwire that is specifically designed for that task? Granted, you could recursively md5sum the entire filesystem and catalog them into a database, but you'll soon find that some files on the system are much to dynamic for this to work (think of /proc or your logs for example), therefore you have to put some forethought into what should and shouldn't be monitored. If you don't like tripwire, there are a whole slew of file alteration detectors. You can find a very good list in Unspawn's Security References thread (follow the link in my sig if you haven't checked it out already).

Capt_Caveman,

It isn't that I don't want to use Tripwire. I was wondering if there were any other alternatives or the possibility of using a software that was built into the kernel. I will however have a look at UnSpawn's security thread. Thank you.

I don't know of anything that would be built into the kernel. I think the closest to that might be a package manager (like Redhat's RPM) which maintains a db of all RPMs you've installed. However that's limited to RPMs, so if you install anything from source or have users files, they won't be accounted for.

Capt_Caveman,

Thank you for your help and advice.