Ensuring the integrity of files and maintaining a baseline file system on a computer are constant problems. Attacks by malicious code, as well as inadvertent corruption by operating systems, other files, etc. provide a less than ideal environment for maintaining file integrity and maintaining a baseline system. Attacks by malicious users, such as hackers, as well as authorized changes by authorized users, e.g. disgruntled employees, may also violate file integrity and the system baseline. Moreover, maintaining appropriate updates of computer files leaves yet another area of file integrity and baseline maintenance for the user. For example, various iterations of Microsoft Windows contain a registry necessary to properly operate a computer system, yet updates may corrupt the registry when not properly integrated in the registry after installation.
Mechanisms do exist in the art for attempting to ensure file (“file” as used hereinafter generally includes files, data, code and microcode, e.g. firmware and the like) integrity and baseline maintenance for a system. For example, antivirus or other similar packages attempt to protect the system or network from hostile, malicious, predetermined and/or proscribed code (generally referred to hereinafter as “proscribed code.”) VFIND®, from CyberSoft, Inc., is one such product that protects systems and networks from proscribed code. Any stand alone antivirus programs, such as VFIND®, usually need to be run by the user, however, and run frequently, otherwise the protections offered by the programs are lost. Also, these programs do not generally intercept proscribed code as the code is transferred from machine to machine, nor do these programs protect against hostile or unauthorized access to a machine or network.
Similarly, updating programs attempt to ensure the integrity of files on computer systems. The difficulties with updating systems arise, however, because updating systems are often program specific, and must be run for each program the user wants to update. This is a cumbersome task that may be put off by the user. Those updating programs that are not program specific, i.e. that purport to provide updating to the files on the user's system, may also have difficulties, because general updating programs are often restricted to a specific database of programs, and if any program is not present on the database, it will not be updated.
Accordingly, it is an object of the present invention to provide apparatus, methods and articles of manufacture for computer file integrity and baseline maintenance in a networked environment.