Mailinglist Archive: opensuse (1872 mails)
| < Previous | Next > |
Re: [opensuse] package verification?
- From: "Carlos E. R." <robin.listas@xxxxxxxxxxxxxx>
- Date: Tue, 4 Nov 2008 11:52:41 +0100 (CET)
- Message-id: <alpine.LSU.2.00.0811041144150.4983@xxxxxxxxxxxxxxxx>
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Tuesday, 2008-11-04 at 11:01 +0100, Joop Beris wrote:
Ah, I didn't express myself quite well. I meant installing another system, now, off-network, and compare.
Of course. I tend to think the worst, usually, but better make sure.
A spambot, perhaps... converted this machine into a slave for their things.
- -- Cheers,
Carlos E. R.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.9 (GNU/Linux)
iEYEARECAAYFAkkQKXwACgkQtTMYHG2NR9VMgQCfaxlhbfl+w4L1A5KoKSVm1Rmr
BmMAnjWTJIDMS/1tDWmf08stL/sTKEiB
=X8sc
-----END PGP SIGNATURE-----
--
To unsubscribe, e-mail: opensuse+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse+help@xxxxxxxxxxxx
Hash: SHA1
On Tuesday, 2008-11-04 at 11:01 +0100, Joop Beris wrote:
On Tuesday 04 November 2008 10:44:51 am Carlos E. R. wrote:
On Tuesday, 2008-11-04 at 08:31 +0100, Joop Beris wrote:
The only way to be sure that no executables have been altered, would be
to verify the checksum of each executable against the checksum of that
file at system installation. You'd need a read-only medium with that
checksum
Or against another system installed in the same way, with the same
updates.
Okay, granted...but I sincerely hope they don't have more similarly unpatched
systems hanging around on their network. If so, the attacker could have
penetrated further into the network, not just in this one system (provided
the network was set up in such a way to allow that to happen, of course).
Ah, I didn't express myself quite well. I meant installing another system, now, off-network, and compare.
A 9, unpatched... must have many holes. Could even be a script kiddie. Now
they'll learn to update.
True, but often people shout "OMG, I've been hacked", while there is
something completely different going on with their system, which is causing
it to behave unexpectedly. Without knowing what symptoms the system is
showing, it's impossible to tell.
Of course. I tend to think the worst, usually, but better make sure.
A script kiddie is most likely...since a real hacker would be a lot better at
covering his/her tracks.
A spambot, perhaps... converted this machine into a slave for their things.
- -- Cheers,
Carlos E. R.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.9 (GNU/Linux)
iEYEARECAAYFAkkQKXwACgkQtTMYHG2NR9VMgQCfaxlhbfl+w4L1A5KoKSVm1Rmr
BmMAnjWTJIDMS/1tDWmf08stL/sTKEiB
=X8sc
-----END PGP SIGNATURE-----
--
To unsubscribe, e-mail: opensuse+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse+help@xxxxxxxxxxxx
| < Previous | Next > |