At 2:17 Uhr +0200 19.6.2001, Ethan Benson wrote:
>what if the attacker can poison your DNS, or routing tables?  then he
>can trick apt into downloading his 37337 `security update' (more like
>unsecurity update heh)

Yes, but that's a problem anyway, isn't it? In fact it's a question I 
have about Debian (I'm a relative newbie to Debian): is there no way to 
make .deb's with signatures? Do I have to parse the security-announce 
list mail to get signed md5 hashes to check the downloaded deb's? If 
so, is there no script doing this already? If yes, then I just wrap 
this one, so the cracker could merely prevent updates from taking 
place successfully.

>get root, run passwd root, ssh in.

But if the passwd command doesn't itself have the rights to access 
/etc/shadow but only the root login shell has (which only runs if 
called through sshd), then the cracker would have to know your root 
passwd before being able to change it.

Christian.
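
The check asked about above (take the md5 hashes from a signed security-announce mail and compare them with the downloaded .deb files), as an added example that is not part of the original post and not an existing Debian script. It assumes the mail's PGP signature has already been verified separately and that each package URL is followed by an "MD5 checksum:" line; the function names, URLs and sample data are constructed for illustration.

```python
import hashlib
import re

# Constructed stand-ins for downloaded package files.
FOO_DEB = b"constructed foo package contents"
BAR_DEB = b"constructed bar package contents"

# Constructed advisory body. Assumed layout: a package URL followed by an
# "MD5 checksum:" line. The hashes are only as trustworthy as the signature
# on the mail, so verify that (e.g. with gpg) before parsing.
SAMPLE_ADVISORY = """\
  Intel ia32 architecture:

    http://security.example.org/updates/foo_1.0-2_i386.deb
      MD5 checksum: {foo}
    http://security.example.org/updates/bar_2.3-1_i386.deb
      MD5 checksum: {bar}
""".format(foo=hashlib.md5(FOO_DEB).hexdigest(),
           bar=hashlib.md5(BAR_DEB).hexdigest())

URL_RE = re.compile(r"^\s*(?:https?|ftp)://\S+/([^/\s]+\.deb)\s*$")
MD5_RE = re.compile(r"^\s*MD5 checksum:\s*([0-9a-fA-F]{32})\s*$")


def parse_advisory(text):
    """Return {deb filename: md5 hex} from URL / checksum line pairs."""
    hashes, pending = {}, None
    for line in text.splitlines():
        url = URL_RE.match(line)
        if url:
            pending = url.group(1)
            continue
        md5 = MD5_RE.match(line)
        if md5 and pending:
            digest = md5.group(1).lower()
            if hashes.get(pending, digest) != digest:
                raise ValueError("conflicting checksums for " + pending)
            hashes[pending] = digest
        pending = None  # a checksum must directly follow its URL
    return hashes


def check_deb(filename, data, hashes):
    """Fail closed: unlisted files and mismatches are both rejected."""
    expected = hashes.get(filename)
    if expected is None:
        return "REJECT: not listed in advisory"
    if hashlib.md5(data).hexdigest() != expected:
        return "REJECT: checksum mismatch"
    return "OK"
```

A wrapper built on this only installs files that return "OK", so an attacker who redirects the download can block an update but cannot substitute a package.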