|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: Andreas Hasenack (andreas
CONECTIVA.COM.BR)Date: Wed Jan 03 2001 - 11:51:53 CST
Em Tue, Jan 02, 2001 at 11:33:45PM -0800, Andrew Edelstein escreveu:
> Make sure your md5sum binary is also on immutable media. It doesn't do you any
> good to have known good checksums, if the binary that does the checking can be
> hacked to tell you what the hacker wants it to tell you.
That may also not be enough. A library could have been hacked, md5sum should be
statically linked. And, if a kernel module has been inserted, then all bets
are off, you would have to reboot from a known kernel to be sure.
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]