> On the other hand a lot of things are attacked in /etc, ttys, > login.conf, pam configs, inetd.conf... i agree that it should in the default setup to be scanned, but i'm not sure that it's of value to provide default md5 sums for the data there. tty's, inittab, inetd.conf pam.conf pam.d will all be different from install to install. adam.