Mailinglist Archive: opensuse-security (520 mails)

< Previous Next >
Re: [suse-security] netstat-output
  • From: Yuri Robbers <yuri@xxxxxxxxxxxxxxxxxxxx>
  • Date: Tue, 5 Dec 2000 23:23:21 +0100 (MET)
  • Message-id: <Pine.LNX.4.21.0012052318130.10802-100000@xxxxxxxxxxxxxxxxxxxx>

> > To verify an installed package against a RPM, use:
> >
> > rpm -Vp packagename.rpm
>
> This of course is trivial for an attacker to circumvent, the RPM database is
> not really protected at all.

Burn it on a CD-R along with your tripwire database as soon as you have
installed and configured your system, but before you bring up the network
connections or allow anyone to log in on the console. And make sure no
hacker can swap the CD-R around for one of his own making after
compromising your system... :o)

Cheers!
Yuri.

--------------------------------------------------------------------------
drs. Yuri Robbers phone : +31-71-527-4966
Leiden University fax : +31-71-527-4900
Institute for Theoretical Biology email : robbers@xxxxxxxxxxxxxxxxxxxx
Kaiserstraat 63
2311 GP Leiden PGP 5.0 public key available:
the Netherlands Check your favourite hkp server.
--------------------------------------------------------------------------


< Previous Next >
References