-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 El 2013-01-04 a las 09:20 +0200, ellanios82 escribió:
- excuse my lack of knowledge . . . can you please give an example of how to use and compare MD5 sums for the purpose of rootkit forensics ??
There is a technique by which you record signatures of files at a time when you know they are correct, and later you compare them to see there was no modification. Used properly it is very reliable. - -- Cheers Carlos E. R. (from 11.4, with Evergreen, x86_64 "Celadon" (Minas Tirith)) -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.16 (GNU/Linux) iF4EAREIAAYFAlDm100ACgkQja8UbcUWM1xRjgD9HDtMepwmUnQcb0N/a2A7zryX 3V4vceg1AZcEqrKNeXoA+wYIBe9UK3msVG9iOVB957a00X2HiVLA2Opm/4LvBP6Y =mjRy -----END PGP SIGNATURE-----