SuSE 9.3 Pro 5 CD ISO set
I want to thank whoever posted the address of the site that has the 5 SuSE 9.3 Pro CD images available for BitTorrent access. BitTorrent is new to me and I've set my Windows XP laptop to use the torrent (and make my downloaded data available for others to download) -- I now have the 5 CD ISO images on my machine. The MD5Sums correspond to the sums listed on the website ( http://www.interknet.net/bt/?torrent=suse93 ). Great! My question is: how do I know that these are authentic, unaltered SuSE distribution CDs? How do I know if these images haven't been tampered with and that the tampered MD5Sums have been included? Of course I verify that posted sum correctly. Please... don't get me wrong, I'm very appreciative that this individual has made this available as a shared resource for us SuSE Linux fans. How do I trust these images? That they don't have an embedded root kit or something else installed? Overly paranoid? Thanks in advance for your comments/feedback. -*-Bill
Bill, On Sunday 22 May 2005 20:05, Bill M. wrote:
I want to thank whoever posted the address of the site that has the 5 SuSE 9.3 Pro CD images available for BitTorrent access. BitTorrent is new to me and I've set my Windows XP laptop to use the torrent (and make my downloaded data available for others to download) -- I now have the 5 CD ISO images on my machine. The MD5Sums correspond to the sums listed on the website ( http://www.interknet.net/bt/?torrent=suse93 ). Great!
My question is: how do I know that these are authentic, unaltered SuSE distribution CDs? How do I know if these images haven't been tampered with and that the tampered MD5Sums have been included? Of course I verify that posted sum correctly.
You don't know. If you care--and you should--either buy the SuSE distribution or wait for them to put it up on their own Web site.
Please... don't get me wrong, I'm very appreciative that this individual has made this available as a shared resource for us SuSE Linux fans. How do I trust these images? That they don't have an embedded root kit or something else installed?
You don't know. You can always install it and start hunting for malware, but given that the putative perp has unlimited time to cover his tracks, if there was actual malicious intent, it may be very difficult for you to detect it. By the time you do, damage could be done (personal data could be sent to the perp, e.g.).
Overly paranoid? Thanks in advance for your comments/feedback.
I'd say it's prudently watchful and concerned. Now add patience or cash and you'll have some security.
-*-Bill
Randall Schulz
2005/5/22, Randall R Schulz <rschulz@sonic.net>:
Bill,
On Sunday 22 May 2005 20:05, Bill M. wrote:
I want to thank whoever posted the address of the site that has the 5 SuSE 9.3 Pro CD images available for BitTorrent access. BitTorrent is new to me and I've set my Windows XP laptop to use the torrent (and make my downloaded data available for others to download) -- I now have the 5 CD ISO images on my machine. The MD5Sums correspond to the sums listed on the website ( http://www.interknet.net/bt/?torrent=suse93 ). Great!
My question is: how do I know that these are authentic, unaltered SuSE distribution CDs? How do I know if these images haven't been tampered with and that the tampered MD5Sums have been included? Of course I verify that posted sum correctly.
You always can buy the official distro,or wait for the (soon to be released) official FTP version. The site where you download the torrent is well-known and the torrent contents cannot be corrupted.(AFAIK)
Randall R Schulz wrote:
You don't know. You can always install it and start hunting for malware, but given that the putative perp has unlimited time to cover his tracks, if there was actual malicious intent, it may be very difficult for you to detect it. By the time you do, damage could be done (personal data could be sent to the perp, e.g.).
The prudent thing to do under this scenario is to have the network cable unplugged and do a thorough burn-in of the system. However, there's always the possibility that some malware won't be active until a live internet connection is available. Christopher Reimer http://www.creimer.ws
Randall R Schulz wrote:
Bill,
On Sunday 22 May 2005 20:05, Bill M. wrote:
I want to thank whoever posted the address of the site that has the 5 SuSE 9.3 Pro CD images available for BitTorrent access. BitTorrent is new to me and I've set my Windows XP laptop to use the torrent (and make my downloaded data available for others to download) -- I now have the 5 CD ISO images on my machine. The MD5Sums correspond to the sums listed on the website ( http://www.interknet.net/bt/?torrent=suse93 ). Great!
My question is: how do I know that these are authentic, unaltered SuSE distribution CDs? How do I know if these images haven't been tampered with and that the tampered MD5Sums have been included? Of course I verify that posted sum correctly.
You don't know. If you care--and you should--either buy the SuSE distribution or wait for them to put it up on their own Web site.
Or get someone who had purchased the original package, to make copies.
Bill M. wrote:
I want to thank whoever posted the address of the site that has the 5 SuSE 9.3 Pro CD images available for BitTorrent access. BitTorrent is new to me and I've set my Windows XP laptop to use the torrent (and make my downloaded data available for others to download) -- I now have the 5 CD ISO images on my machine. The MD5Sums correspond to the sums listed on the website ( http://www.interknet.net/bt/?torrent=suse93 ). Great!
My question is: how do I know that these are authentic, unaltered SuSE distribution CDs? How do I know if these images haven't been tampered with and that the tampered MD5Sums have been included? Of course I verify that posted sum correctly.
Please... don't get me wrong, I'm very appreciative that this individual has made this available as a shared resource for us SuSE Linux fans. How do I trust these images? That they don't have an embedded root kit or something else installed?
You don't know they've not been tampered with. SuSE doesn't publish the md5sums. What you can do, is compare with the original disks.
participants (5)
-
Bill M. -
Christopher Reimer -
Cristian Rodriguez -
James Knott -
Randall R Schulz