On 00-12-26 Rainer Weikusat wrote:
> Christian Kurz <[EMAIL PROTECTED]> writes:
> > > Debsums seems to help a little bit - you can expect to catch some
> > > less-clueful
> > > intruders with it, but it doesn't help in general.
> >
> > debsums just uses md5sums which can be manipulated on the one
On Tue, Dec 26, 2000 at 10:52:47PM +0100, Christian Kurz wrote:
> On 00-12-26 Peter Cordes wrote:
> > have produced collisions in MD5. This is a Bad Thing for MD5, but it isn't
> > a real break against MD5. It means that you can find two messages that hash
> > to the same value. To do so, you _h
On Tue, Dec 26, 2000 at 09:27:53PM +0200, Pavel Minev Penev wrote:
> On Tue, Dec 26, 2000 at 05:27:07PM +0300, [EMAIL PROTECTED] wrote:
> > Of course plain md5 hashes are not very helpful. But we can keep MAC[1] for
> > binaries. Tampering with MAC database is useless.
> >
> > ...
> >
> > [1] Messa
On 00-12-26 Peter Cordes wrote:
> have produced collisions in MD5. This is a Bad Thing for MD5, but it isn't
> a real break against MD5. It means that you can find two messages that hash
> to the same value. To do so, you _have_ to choose both messages yourself.
> If one of the messages is /bin/
On Tue, Dec 26, 2000 at 05:37:54PM +0100, Christian Kurz wrote:
> On 00-12-26 Rainer Weikusat wrote:
> > Christian Kurz <[EMAIL PROTECTED]> writes:
> > ... blah blah blah ...
Let's stop arguing about this. Instead of flaming anyone, I'll try to
state the relevant facts, since this argument is o
On 00-12-26 Rainer Weikusat wrote:
> Christian Kurz <[EMAIL PROTECTED]> writes:
> > > Debsums seems to help a little bit - you can expect to catch some less-clueful
> > > intruders with it, but it doesn't help in general.
> >
> > debsums just uses md5sums which can be manipulated on the one hand
On Tue, Dec 26, 2000 at 10:52:47PM +0100, Christian Kurz wrote:
> On 00-12-26 Peter Cordes wrote:
> > have produced collisions in MD5. This is a Bad Thing for MD5, but it isn't
> > a real break against MD5. It means that you can find two messages that hash
> > to the same value. To do so, you _
On Tue, Dec 26, 2000 at 09:27:53PM +0200, Pavel Minev Penev wrote:
> On Tue, Dec 26, 2000 at 05:27:07PM +0300, [EMAIL PROTECTED] wrote:
> > Of course plain md5 hashes are not very helpful. But we can keep MAC[1] for
> > binaries. Tampering with MAC database is useless.
> >
> > ...
> >
> > [1] Mess
On 00-12-26 Peter Cordes wrote:
> have produced collisions in MD5. This is a Bad Thing for MD5, but it isn't
> a real break against MD5. It means that you can find two messages that hash
> to the same value. To do so, you _have_ to choose both messages yourself.
> If one of the messages is /bin
On Tue, Dec 26, 2000 at 05:27:07PM +0300, [EMAIL PROTECTED] wrote:
> Of course plain md5 hashes are not very helpful. But we can keep MAC[1] for
> binaries. Tampering with MAC database is useless.
>
> ...
>
> [1] Message Authentication Code. One of possible ways to compute MAC is
> H(K,H(K,M)) wher
On Tue, Dec 26, 2000 at 05:37:54PM +0100, Christian Kurz wrote:
> On 00-12-26 Rainer Weikusat wrote:
> > Christian Kurz <[EMAIL PROTECTED]> writes:
> > ... blah blah blah ...
Let's stop arguing about this. Instead of flaming anyone, I'll try to
state the relevant facts, since this argument is
On Tue, Dec 26, 2000 at 05:27:07PM +0300, [EMAIL PROTECTED] wrote:
> Of course plain md5 hashes are not very helpful. But we can keep MAC[1] for
> binaries. Tampering with MAC database is useless.
>
> ...
>
> [1] Message Authentication Code. One of possible ways to compute MAC is
> H(K,H(K,M)) whe
On 00-12-26 Rainer Weikusat wrote:
> Christian Kurz <[EMAIL PROTECTED]> writes:
> > [ Stop sending me unnecessary Ccs.]
> Start thinking about getting a decent mail client.
My client is so decent, that it support a pure list-reply-function.
Looks like your client is missing such a feature.
> >
Christian Kurz <[EMAIL PROTECTED]> writes:
> [ Stop sending me unnecessary Ccs.]
Start thinking about getting a decent mail client.
> > > and on the other hand you modify binaries so that the md5sum will
> > > still be the same.
>
> > So you've effectively broken MD5 in a way that would yield u
[ Stop sending me unnecessary Ccs.]
On 00-12-26 Rainer Weikusat wrote:
> Christian Kurz <[EMAIL PROTECTED]> writes:
> > > Debsums seems to help a little bit - you can expect to catch some
> > > less-clueful intruders with it, but it doesn't help in general.
> >
> > debsums just uses md5sums which
Christian Kurz <[EMAIL PROTECTED]> writes:
> > Debsums seems to help a little bit - you can expect to catch some
> > less-clueful
> > intruders with it, but it doesn't help in general.
>
> debsums just uses md5sums which can be manipulated on the one hand and
> on the other hand you modify binari
On Thu, Dec 21, 2000 at 01:39:19PM +0100, Christian Kurz wrote:
> > Debsums seems to help a little bit - you can expect to catch some
> > less-clueful
> > intruders with it, but it doesn't help in general.
>
> debsums just uses md5sums which can be manipulated on the one hand and
> on the other h
On 00-12-26 Rainer Weikusat wrote:
> Christian Kurz <[EMAIL PROTECTED]> writes:
> > [ Stop sending me unnecessary Ccs.]
> Start thinking about getting a decent mail client.
My client is so decent, that it support a pure list-reply-function.
Looks like your client is missing such a feature.
>
Christian Kurz <[EMAIL PROTECTED]> writes:
> [ Stop sending me unnecessary Ccs.]
Start thinking about getting a decent mail client.
> > > and on the other hand you modify binaries so that the md5sum will
> > > still be the same.
>
> > So you've effectively broken MD5 in a way that would yield
[ Stop sending me unnecessary Ccs.]
On 00-12-26 Rainer Weikusat wrote:
> Christian Kurz <[EMAIL PROTECTED]> writes:
> > > Debsums seems to help a little bit - you can expect to catch some
> > > less-clueful intruders with it, but it doesn't help in general.
> >
> > debsums just uses md5sums whic
Christian Kurz <[EMAIL PROTECTED]> writes:
> > Debsums seems to help a little bit - you can expect to catch some less-clueful
> > intruders with it, but it doesn't help in general.
>
> debsums just uses md5sums which can be manipulated on the one hand and
> on the other hand you modify binaries s
On Thu, Dec 21, 2000 at 01:39:19PM +0100, Christian Kurz wrote:
> > Debsums seems to help a little bit - you can expect to catch some less-clueful
> > intruders with it, but it doesn't help in general.
>
> debsums just uses md5sums which can be manipulated on the one hand and
> on the other hand
On Tue, Dec 26, 2000 at 09:37:24AM +, Jim Breton wrote:
|On Tue, Dec 26, 2000 at 06:30:43PM +0900, Julian Stoev wrote:
|> Warning: /boot/System.map-2.2.18 does not match kernel data.
|>
|> Can somebody explain this? Is this a security problem? I remember
|> reading something about fake kernel
On Tue, Dec 26, 2000 at 09:37:24AM +, Jim Breton wrote:
|On Tue, Dec 26, 2000 at 06:30:43PM +0900, Julian Stoev wrote:
|> Warning: /boot/System.map-2.2.18 does not match kernel data.
|>
|> Can somebody explain this? Is this a security problem? I remember
|> reading something about fake kernel
Hi!
I started getting this first on SPARC Debian. And now I get it on
Intel.
On SPARC it was first with 2.2.17
Now on SPARC I get
{iommu_unlockarea} {___f_mmu_unlockarea}
Warning: /boot/System.map-2.2.18pre21 does not match kernel data.
On Intel I get
{module_list} {module_list_R__ver_module_li
Hi!
I started getting this first on SPARC Debian. And now I get it on
Intel.
On SPARC it was first with 2.2.17
Now on SPARC I get
{iommu_unlockarea} {___f_mmu_unlockarea}
Warning: /boot/System.map-2.2.18pre21 does not match kernel data.
On Intel I get
{module_list} {module_list_R__ver_module_l
26 matches
Mail list logo