> Is there an option to dpkg (or it's friends) to verify that what's > currently installed is the same as what should be installed? In other > words, if random cracker person decides to break into my system and > change login, ls, and ps, can I compare from a .deb file that those > programs are correct or not (using md5 checksums or some such)? > > I don't acutally suspect my system was broken into, but a friend of > mine was as such and I want to be prepared. There is the debsums package which checks the packages files against the md5sum list that came with it. There is also a program with debsums that will generate the md5sum list for packages that didn't come with one. IMHO i think that packages should be required to come with md5sums but this is not the case right now. You can also look at /var/lib/dpkg/info/*.md5sums.