Dan Marner: | I would appreciate any pointers to documents, source code or | programs that deal with using cryptographic techniques to detect | or prevent modification of executable code. I am looking for | something that uses either a signature or a one-way hash to detect | modifications at run time. | Of particular interest is information on signing a file that | includes the signature as part of the file. Is this possible with | any of the common algorithms? Tripwire will run as a seperate UNIX process to detect changes to things that you define. Most people who use it use it to watch systems security. We also use it to watch some software thats being run through an FDA trial period; we have to document that it has not changed at any point during the trial. Tripwire can be found in cert.org:pub/tools/tripwire. Adam -- Adam Shostack adam@bwh.harvard.edu Politics. From the greek "poly," meaning many, and ticks, a small, annoying bloodsucker.