Do a ``dpkg -l PACKAGE`` to see what the version is that's installed. Also make certain that you have disk space with ``df``. If /var is starting to look full, do an ``apt-get clean`` to remove packages from the apt cache. You can also increase the verbosity of installs through environment variables for dpkg (see the manpage). Lastly, you can manually download the packages from http://security.debian.org. Lastly, but perhaps something you should also consider, is that your machine may already be compromised... Maybe. You should install a Host Intrusion Detection System (HIDS) such as AIDE, Samhain, or Tripwire, which you update with EVERY package installation. I recall there being a way to create md5sum on installed files for those packages that don't have them (which are very few, now a days). Package: debsums Priority: optional Section: admin Installed-Size: 64 Maintainer: Brendan O'Dea <bod at debian.org> Architecture: all Version: 2.0.16 Depends: perl (>= 5.8.0-3), debconf (>= 0.5) | debconf-2.0 Filename: pool/main/d/debsums/debsums_2.0.16_all.deb Size: 21046 MD5sum: 051b67e8283720012d64c3e141d11182 Description: Verify installed package files against MD5 checksums. debsums can verify the integrity of installed package files against MD5 checksums installed by the package, or generated from a .deb archive. I remember making a shell script to check md5sums once. Something like:: #!/bin/sh cat << EOWARNING >&2 This script it dedicated to the Public Domain. It is untested and provides NO WARRANTY. Checking md5sums of installed packages. Note that not all packages have md5sums. This also does not replace a true HIDS that tracks all or most files on your filesystems. It only idicates the integrity of the package itself. EOWARNING # Change to the root directory cd / # Get a list of installed packages for pf in `find /var/lib/dpkg/info/ -type f|cut -f1 -d.|sort -u`; do p=`basename $pf` if [ ! -f ${pf}.md5sums ] ; then echo "$p: No md5sums file for package" >&2 continue fi echo "$p: Checking md5sums" >&2 md5sum -c ${pf}.md5sums done ### End Of File The script obviously has shortcomings, such as this: capplets-data: Checking md5sums cdrecord: Checking md5sums md5sum: MD5 check failed for 'etc/default/cdrecord' It notes changes to config files, which we expect to change anyway. The debsums package may be better at this. Good luck. -- Chad Walstrom <chewie at wookimus.net> http://www.wookimus.net/ assert(expired(knowledge)); /* core dump */ -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: Digital signature Url : http://shadowknight.real-time.com/pipermail/tclug-list/attachments/20050330/c2c53798/attachment.pgp