<a href="http://g.adspeed.net/ad.php?do=clk&zid=14678&wd=728&ht=90&pair=as" target="_top"><img style="border:0px;" src="http://g.adspeed.net/ad.php?do=img&zid=14678&wd=728&ht=90&pair=as" alt="i" width="728" height="90"/></a>

Nmap Security Scanner

Docs
Security Lists

Full Disclosure

More
Security Tools

Packet crafters

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

edgeos

Security Incidents: Re: yes, its t0rn again

Re: yes, its t0rn again

From: Andreas Hasenack <andreas_at_CONECTIVA.COM.BR>
Date: Wed, 3 Jan 2001 15:51:53 -0200

Em Tue, Jan 02, 2001 at 11:33:45PM -0800, Andrew Edelstein escreveu:
> Make sure your md5sum binary is also on immutable media. It doesn't do you any
> good to have known good checksums, if the binary that does the checking can be
> hacked to tell you what the hacker wants it to tell you.

That may also not be enough. A library could have been hacked, md5sum should be
statically linked. And, if a kernel module has been inserted, then all bets
are off, you would have to reboot from a known kernel to be sure.
Received on Jan 03 2001

This message: [ Message body ]
Next message: Tansey, Don: "Re: RH6 boxes cracked"
Previous message: Alfred Huger: "Out of Office Purge - Ignore"
In reply to: Andrew Edelstein: "Re: yes, its t0rn again"
Next in thread: Helmut Springer: "Re: yes, its t0rn again"
Reply: Helmut Springer: "Re: yes, its t0rn again"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]

edgeos