[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Debian audititing tool?

[ Stop sending me unnecessary Ccs.]

On 00-12-26 Rainer Weikusat wrote:
> Christian Kurz <shorty@debian.org> writes:
> > > Debsums seems to help a little bit - you can expect to catch some
> > > less-clueful intruders with it, but it doesn't help in general.
> > 
> > debsums just uses md5sums which can be manipulated on the one hand
> > and on the other hand you modify binaries so that the md5sum will
> > still be the same.

> So you've effectively broken MD5 in a way that would yield useful
> results (ie would allow you to replace a specific binary with another
> specific binary, not with some more or less random garbage). How came
> it that you weren't prominently mentionend in this month's cryptogram?

Why don't you get a clue and write again what I wrote? Here's a small
hint: Does the author talks about himself or everybody? If you just want
to do a bit of flaming then you should use someone else as your target.
If not, I assume you haven't read the whole thread. Do this and then
come back again.


Reply to: