[[https://debtags.debian.org/search/bytag?wl=security::integrity]]

=== fail2ban ===

=== debsums ===
Report changed files (also configuration files)
<code>debsums -a -c</code>

<file | /etc/default/debsums>
CRON_CHECK=weekly
</file>

=== debsigs ===
<code>apt-get install debsigs debsig-verify</code>

=== debsecan ===
debsecan is a tool to generate a list of vulnerabilities which affect
 a particular Debian installation.  debsecan runs on the host which is
 to be checked, and downloads vulnerability information over the
 Internet.  It can send mail to interested parties when new
 vulnerabilities are discovered or when security updates become
 available.

=== tripwire ===