Mailinglist Archive: opensuse-security (520 mails)

< Previous Next >
Re: [suse-security] netstat-output
  • From: Michael <mogmios@xxxxxxxxxxxxxxxxx>
  • Date: Wed, 6 Dec 2000 19:52:53 -0600 (CST)
  • Message-id: <Pine.LNX.4.21.0012061949460.19798-100000@xxxxxxxxxxxxxxxxx>
I keep a database of all my files md5sum's and anytime I download anything
I can check it against that db. Keeps me from accidently duplicating
files. Useful when you have 100+ gigs of files. Is there any easy way to
trick someone by making a replaced file have the same md5 sum by adding in
useless bits at the end or something? Just curious if tripwire or similar
programs somehow check for something like that.

Have the courage to take your own thoughts seriously, for they will shape
you. -- Albert Einstein

On Wed, 6 Dec 2000, Volker Kuhlmann wrote:

> > > To verify an installed package against a RPM, use:
> > >
> > > rpm -Vp packagename.rpm
> >
> > This of course is trivial for an attacker to circumvent, the RPM database is
> > not really protected at all.
> That's why it may be an excellent idea to back up the rpm data base
> on floppy...
> > Ok that's a little better but still an attacker can beat it (replace the rpm
> > binary for example).
> ... together with the rpm binary (which is statically linked as well
> for other reasons).
> While you're at it, storing md5 sums of at least all the files shown by
> rpm -qal and all files in /etc is a very good idea too.
> Volker
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: suse-security-unsubscribe@xxxxxxxx
> For additional commands, e-mail: suse-security-help@xxxxxxxx

< Previous Next >
Follow Ups