Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

fulldisclosure logo Full Disclosure mailing list archives

Re: [OT] Re: Knocking Microsoft
From: Cedric Blancher <blancher () cartel-securite fr>
Date: Sat, 28 Feb 2004 19:08:05 +0100
Le sam 28/02/2004 à 10:31, Martin Mačok a écrit :

% apt-get update && apt-get upgrade
% apt-get install apache-ssl

Will it transfer the data in a secure way? (SSL?)


What's the point securing publicly available data transfer with SSL ?
The only thing that is important regarding to security for remote
software installation and/or upgrade is archive authentication and
integrity check after reception so one can avoid trojaned stuff.


Will it verify the data after being downloaded? (PGP signature?)


Can be configured to do so. BTW, sadly, by default, only MD5 is checked.

-- 
http://www.netexit.com/~sid/
PGP KeyID: 157E98EE FingerPrint: FA62226DA9E72FA8AECAA240008B480E157E98EE

Hi! I'm your friendly neighbourhood signature virus.
Copy me to your signature file and help me spread!


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]