At 07:02 PM 3/5/99 +0000, Bennett Todd wrote:
>1999-03-05-16:53:47 dreamwvr:
>> noticed that you had been hacked and were looking for a method to
>> interegate your binaries and important files. Here is a suggestion
>> that i have not seen that is food for thought at the least;-) Consider
>> using pgps signature often missed ability to check for changes in system.
>> that way if you check the files in question and they have changed and
>> should not have you know that somethings up:-) but you will need to
>> do some fancy footwork to keep this accurate when you legitimately
>> do changes. oh..well it was just another suggestion.
>
>PGP sigs could work --- if you had a database of the correct PGP sigs for all
>the files on the system, before it got hacked.
>
>However, MD5 checksums of all the files are sufficient for this application,
>and happily he has got 'em (since it's a Red Hat release). There are MD5
>checksums in the original packages on his Red Hat CD, and he can use the
>original distribution boot floppies and the original CD to check 'em,
avoiding
>any chance of even a hoaxed kernel faking out the check.
i have always enjoyed MD5 :')
>Of course, how effective this might be will be limited by how many files have
>been upgraded or added and whether known-good RPMs can be found for those
>newer files.
the immediately above is a above is always a problem on a production box
IMHO it is very wise to limit the services so that you understand the
personality and what should be where for each system.
Regards,
[EMAIL PROTECTED]
>-Bennett
>
Reuters, London, February 29, 1998:
Scientists have announced discovering a meteorite which will strike the
earth in March, 2028. Millions of UNIX coders expressed relief for being
spared the UNIX epoch "crisis" of 2038.
_______________________________________________________________________
DREAMWVR.COM - TOTAL WEB INTEGRATION, DEVELOPMENT, DESIGN SERVICES.
Featuring Website Development and Web Strategies of a TOP Developer
New Look and Feel... Coming to a Browser near you..:)
<http://www.dreamwvr.com/services/MAX_SEC.html><-- Road Improvements
DREAMWVR.COM - The Console of Many... 24 X 7 Evolution Internet
<http://www.dreamwvr.com/dynamicduo.html> <mailto:[EMAIL PROTECTED]>
"As Unique as the Company You Keep." "===0 PGP Key Available
________________________________________________________________________
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
