Mailinglist Archive: opensuse-security (520 mails)

Re: [suse-security] netstat-output
  • From: "Kurt Seifried" <listuser@xxxxxxxxxxxx>
  • Date: Wed, 6 Dec 2000 19:02:03 -0700
  • Message-id: <006601c05ff1$b1e4e8e0$ca00030a@xxxxxxxxxxxx>
In theory MD5 can be tricked; it's unlikely (but theoretically possible),
so most people that need a secure hash algorithm use SHA1 (guess what it
stands for =).

Kurt Seifried, seifried@xxxxxxxxxxxxxxxxxx
SecurityPortal - your focal point for security on the 'net

----- Original Message -----
From: "Michael" <mogmios@xxxxxxxxxxxxxxxxx>
To: "Volker Kuhlmann" <kuhlmav@xxxxxxxxxxxxxxxxxxxxx>
Cc: <suse-security@xxxxxxxxxxxx>
Sent: Wednesday, December 06, 2000 6:52 PM
Subject: Re: [suse-security] netstat-output


> I keep a database of all my files' md5sums and anytime I download anything
> I can check it against that db. Keeps me from accidentally duplicating
> files. Useful when you have 100+ gigs of files. Is there any easy way to
> trick someone by making a replaced file have the same md5 sum by adding in
> useless bits at the end or something? Just curious if tripwire or similar
> programs somehow check for something like that.
>
> *^*^*^*
> Have the courage to take your own thoughts seriously, for they will shape
> you. -- Albert Einstein
>
> On Wed, 6 Dec 2000, Volker Kuhlmann wrote:
>
> > > > To verify an installed package against a RPM, use:
> > > >
> > > > rpm -Vp packagename.rpm
> > >
> > > This of course is trivial for an attacker to circumvent, the RPM database is
> > > not really protected at all.
> >
> > That's why it may be an excellent idea to back up the rpm data base
> > on floppy...
> >
> > > Ok that's a little better but still an attacker can beat it (replace the rpm
> > > binary for example).
> >
> > ... together with the rpm binary (which is statically linked as well
> > for other reasons).
> >
> > While you're at it, storing md5 sums of at least all the files shown by
> > rpm -qal and all files in /etc is a very good idea too.
> >
> > Volker
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: suse-security-unsubscribe@xxxxxxxx
> > For additional commands, e-mail: suse-security-help@xxxxxxxx
> >
>
>
>

