Am 21.11.19 um 13:59 schrieb Odo Poppinger:
Am 20.11.19 um 12:29 schrieb Elmar Stellnberger:
debcheckroot is targeted at technically experienced users. No way to
hunt rootkits authored by the NSA otherwise. You have to be a tough
user to take this challenge! Well you can of course also use it
Am 25.11.19 um 12:35 schrieb Patrick Schleizer:
How often did you see initrd being infected?
recently only once. So the attackers may change their vector; they have
already done so multiple times.
Not using apt/dpkg comes at the expense of not being able to fully
verify the whole system.
Hi,
> On 25 Nov 2019, at 15:20, Salvatore Bonaccorso wrote:
>
> Hi,
>
> On Mon, Nov 25, 2019 at 11:50:00AM +0100, Sylvain Beucler wrote:
>> Hi,
>>
>> On 22/11/2019 21:23, Sylvain Beucler wrote:
>>> I see in 'embedded-code-copies':
>>>
>>> libonig
>>> - php5 5.3.2-1 (embed)
>>>
>>> (i
Hi,
On Mon, Nov 25, 2019 at 11:50:00AM +0100, Sylvain Beucler wrote:
> Hi,
>
> On 22/11/2019 21:23, Sylvain Beucler wrote:
> > I see in 'embedded-code-copies':
> >
> > libonig
> > - php5 5.3.2-1 (embed)
> >
> > (i.e. from 2010)
> >
> > Jessie seems to properly link to libonig (dependen
Elmar Stellnberger:
>>> Things debcheckroot does not check at the moment are the initrd and
>> the MBR (master boot record). You may unpack the initrd by hand and
>> check the files contained there against a sha256sum list generated by
>> debcheckroot. The MBR can first be backuped by confinedrv/di
Hi,
On 22/11/2019 21:23, Sylvain Beucler wrote:
> I see in 'embedded-code-copies':
>
> libonig
> - php5 5.3.2-1 (embed)
>
> (i.e. from 2010)
>
> Jessie seems to properly link to libonig (dependency of e.g.
> libapache2-mod-php5).
>
> Stretch and Buster however (probably since the new p
6 matches
Mail list logo