Re: MD5 sums of individual files?

To: debian-security@lists.debian.org
Subject: Re: MD5 sums of individual files?
From: Kenneth Pronovici <pronovic@skyjammer.com>
Date: Thu, 29 Mar 2001 14:27:33 -0600 (CST)
Message-id: <[🔎] Pine.LNX.4.21.0103291419410.12031-100000@www.skyjammer.com>
Reply-to: Kenneth Pronovici <pronovic@ieee.org>
In-reply-to: <[🔎] 20010329155221.I4435@llama.nslug.ns.ca>

>  If they root your box, they could mess with your gpg keyring and/or binary.
> They could just spew out fake emails that say the thing was checked, and
> even spin the floppy disk in case you were watching to make sure it was
> doing a "real" check.

OK, I give up.  ;-)  

>  You can't use a possibly-cracked machine to check itself, unless you are
> checking for breakins on non-root accounts.  (e.g. web page defacement if
> they got in through httpd.)

Agreed... or if only one machine is available, we're back to periodically 
booting from a safe, known, bootable CD-R with a kernel, a copy of the 
checksums and all of required binaries on it (which is fine unless someone 
broke into my house and replaced the CD-R ;-)).  

I guess I'll stick with what I have (i.e. the RO floppy) and hope that the 
script kiddie isn't thinking that far ahead (the last one that got through
onto a previous RedHat box of mine wasn't, fortunately).

KEN

-- 
Kenneth J. Pronovici <pronovic@ieee.org>
Personal Homepage: http://www.skyjammer.com/~pronovic/
"The phrase, 'Happy as a clam' has never really held much meaning for me."

Reply to:

References:
- Re: MD5 sums of individual files?
  - From: Peter Cordes <peter@llama.nslug.ns.ca>

Prev by Date: Re: MD5 sums of individual files?
Next by Date: RE: MD5 sums of individual files?
Previous by thread: Re: MD5 sums of individual files?
Next by thread: Re: MD5 sums of individual files?
Index(es):
- Date
- Thread