TRACK CONFIGURATION CHANGES WITH CVS

Concurrent Versions System (CVS) is an extremely versatile and useful
tool for programmers to keep track of changes between various revisions of
source code. However, CVS can be used to track revisions between any text
files, whether they are text documents or text configuration files.

Since most configuration files are located in /etc and nearly all are
text-based, you can take advantage of CVS's many features to track
differences between configuration files. For instance, you can use CVS to track
differences between password files, Apache configuration files, BIND
configuration files, etc.

This is extremely useful if you are experimenting with a new software
version and must modify the configuration file in order to work with it.
All you need to do is make sure the configuration file is in CVS and
up-to-date prior to the upgrade before making your modifications. If anything
goes wrong, you can downgrade the software, check out the previous
configuration file revision, and get the same configuration file back without
any loss. Using CVS to track revisions of configuration files can also help
you track changes to your system.

If you are ever successfully attacked, having a copy of your
configuration files in CVS will help by providing you with a base against which you
can compare your current system. This will help you determine what, if
anything, the attacker changed in terms of configuration files and will
also help you quickly remedy any changes they've made. As a last-ditch
effort, having your configuration files in CVS will help you re-create the
state of your system, should you be forced to perform a complete reinstall.