Mailinglist Archive: opensuse-security (520 mails)

< Previous Next >
Re: [suse-security] netstat-output
  • From: Michael <mogmios@xxxxxxxxxxxxxxxxx>
  • Date: Wed, 6 Dec 2000 19:52:53 -0600 (CST)
  • Message-id: <Pine.LNX.4.21.0012061949460.19798-100000@xxxxxxxxxxxxxxxxx>
I keep a database of all my files md5sum's and anytime I download anything
I can check it against that db. Keeps me from accidently duplicating
files. Useful when you have 100+ gigs of files. Is there any easy way to
trick someone by making a replaced file have the same md5 sum by adding in
useless bits at the end or something? Just curious if tripwire or similar
programs somehow check for something like that.

*^*^*^*
Have the courage to take your own thoughts seriously, for they will shape
you. -- Albert Einstein

On Wed, 6 Dec 2000, Volker Kuhlmann wrote:

> > > To verify an installed package against a RPM, use:
> > >
> > > rpm -Vp packagename.rpm
> >
> > This of course is trivial for an attacker to circumvent, the RPM database is
> > not really protected at all.
>
> That's why it may be an excellent idea to back up the rpm data base
> on floppy...
>
> > Ok that's a little better but still an attacker can beat it (replace the rpm
> > binary for example).
>
> ... together with the rpm binary (which is statically linked as well
> for other reasons).
>
> While you're at it, storing md5 sums of at least all the files shown by
> rpm -qal and all files in /etc is a very good idea too.
>
> Volker
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: suse-security-unsubscribe@xxxxxxxx
> For additional commands, e-mail: suse-security-help@xxxxxxxx
>


< Previous Next >
Follow Ups
References