Re: RFE: Could crc32 be included in the debian live/installation disk?

To: debian-user@lists.debian.org
Subject: Re: RFE: Could crc32 be included in the debian live/installation disk?
From: "Thomas Schmitt" <scdbackup@gmx.net>
Date: Sat, 05 Oct 2019 16:53:15 +0200
Message-id: <[🔎] 458691897703663248@scdbackup.webframe.org>
In-reply-to: <[🔎] CAFakBwiuvo3GtdsX6+5h4ohZd0AEB5NbdB4ddeJ2jV0MCQrAMQ@mail.gmail.com>
References: <[🔎] CAFakBwiuvo3GtdsX6+5h4ohZd0AEB5NbdB4ddeJ2jV0MCQrAMQ@mail.gmail.com>

Hi,

Albretch Mueller wrote:
> [...] crc32 [...] 200+K files

Kids, whatever you do with one of the many "CRC-32"s, be aware that the
birthday paradox predicts several identical 32-bit outcomes among 200,000
files.

In the context of an intrusion detection system, a 32-bit checksum is
much too easy to fool. In the face of suspected intentional alteration,
i'd not even deem 128-bit MD5 good enough.

> Any ideas about how that kind of base lining could be improved,
> streamlined?

Did you already evaluate existing IDS like the following ?
  https://packages.debian.org/stable/samhain
  https://packages.debian.org/stable/systraq
  https://packages.debian.org/stable/tiger
  https://packages.debian.org/stable/tripwire

(The game of mutual fooling and spoofing needs lot of experience.)

Have a nice day :)

Thomas

Reply to:

Follow-Ups:
- Re: RFE: Could crc32 be included in the debian live/installation disk?
  - From: Albretch Mueller <lbrtchx@gmail.com>

References:
- RFE: Could crc32 be included in the debian live/installation disk?
  - From: Albretch Mueller <lbrtchx@gmail.com>

Prev by Date: Re: RFE: Could crc32 be included in the debian live/installation disk?
Next by Date: Re: hostname?
Previous by thread: Re: RFE: Could crc32 be included in the debian live/installation disk?
Next by thread: Re: RFE: Could crc32 be included in the debian live/installation disk?
Index(es):
- Date
- Thread