Virus.Org IT Security News and Information Portal. We offer the latest IT security news, updates, product reviews, books, and articles for all you IT security professionals out there. Enter and get the best IT security information on the Internet.

 
. Welcome to the Virus.Org Mailing List Archive  
.
.


[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]


Re: yes, its t0rn again
.

  • To: [EMAIL PROTECTED]
  • Subject: Re: yes, its t0rn again
  • From: Andreas Hasenack <[EMAIL PROTECTED]>
  • Date: Thu, 04 Jan 2001 13:35:50 +0100
  • In-reply-to: <[EMAIL PROTECTED]>
.
 
Em Tue, Jan 02, 2001 at 11:33:45PM -0800, Andrew Edelstein escreveu:
> Make sure your md5sum binary is also on immutable media. It doesn't do you any
> good to have known good checksums, if the binary that does the checking can be
> hacked to tell you what the hacker wants it to tell you.

That may also not be enough. A library could have been hacked, md5sum should be
statically linked. And, if a kernel module has been inserted, then all bets
are off, you would have to reboot from a known kernel to be sure.
 
.
.
 
Copyright (c) Virus.Org 1997-2006.
All Trademarks Acknowledged.
Please view our Terms and Conditions and our Privacy Policy.