-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Gabriel Gunderson wrote: > On Wed, Jul 15, 2009 at 9:32 AM, Corey Edwards<ten...@zmonkey.org> wrote: >>> Well, I guess if you had md5/sha1 sums (that you can trust) of every >>> file on your system and you're willing to go file-by-file and verify >>> them when mounted on a trusted system (*not* the one that was hacked), >>> then, maybe, you could sleep again at night knowing all is well. >> Even then, you have to be confident that the md5 sums you have are from >> *before* the hack. What if they broke in long before realized it and you >> have no reliable backups? > > Right, if you read the above, you'll see that the suggestion is to use > md5/sha1 sums *that you can trust*. This implies that you made them > after a clean install (or before you plugged it into the interwebs). > > I only point this out because I got 2 responses that start with "Even > then," and then go on to cover items that I already mentioned ;)
Fair enough, you got me. My point was that just because you do trust your backups doesn't necessarily mean they're trustworthy. In the case you describe, yeah that's pretty safe. But systems change continually and without the mind-numbing task of verifying each and every file change you can't say for certain whether it was for good or evil. I mean, you haven't yet noticed that I broke into your server. :P Corey -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkpeD+wACgkQwNwjtxfqOkO/rgCeKhI3T8HoaCyntE5/yPwdbqwS BjEAn2Copt1qK/YK80E5aDkU2YKQatN1 =Dh+a -----END PGP SIGNATURE----- /* PLUG: http://plug.org, #utah on irc.freenode.net Unsubscribe: http://plug.org/mailman/options/plug Don't fear the penguin. */
