RE: MD5 sums of individual files?

To: <debian-security@lists.debian.org>
Subject: RE: MD5 sums of individual files?
From: "Don Laursen" <don@darkphoton.com>
Date: Thu, 29 Mar 2001 11:39:39 -0700
Message-id: <[🔎] 002b01c0b87f$9db1b380$9a01000a@nis002>
In-reply-to: <[🔎] Pine.LNX.4.21.0103291132270.12031-100000@www.skyjammer.com>

Ok with that said, how feasable is it for a cracker to install their
rootkit, and mimic the checksummed files to match the contents of the
floppy? Wouldn't he/she just have to unmount the exising floppy drive,
remount it to his/her pseudo check sums?

I'm probably missing the howto detail where the alert is generated before
rootkit is installed.



Thanks,
Don


> Yes, sorry, I wasn't clear about that.  The floppy is mounted RO, plus
> the disk's tab is moved to the RO position.  I agree... I
> wouldn't feel
> comfortable or safe if the floppy was just mounted RO.
>

>> Another way to do this is to install the AIDE package, that performs an
checksum
>> to certain files that you specify in the configuratio by the way tripwire
do
>> it... It's so easy to install and send you an e-mail notifying the daily
results

Reply to:

Follow-Ups:
- RE: MD5 sums of individual files?
  - From: Kenneth Pronovici <pronovic@skyjammer.com>
- RE: MD5 sums of individual files?
  - From: "Pat Moffitt" <pmoffitt@wrv.com>

References:
- Re: MD5 sums of individual files?
  - From: Kenneth Pronovici <pronovic@skyjammer.com>

Prev by Date: Re: MD5 sums of individual files?
Next by Date: RE: MD5 sums of individual files?
Previous by thread: Re: MD5 sums of individual files?
Next by thread: RE: MD5 sums of individual files?
Index(es):
- Date
- Thread