Bugtraq mailing list archives
Re: trojans on ftp sites
From: smb () research att com (smb () research att com)
Date: Sat, 14 May 94 23:46:53 EDT
Neither sum nor crc-32 are worth the bits they're stored in, for this purpose; both are easy to spoof. If you're going to do it, do it right: md5. Not that I'm convinced it's a good idea. If an ftp site is compromised, its ls-lR file and/or its ls command are likely to be dead meat (dead silicon?) as well. There's also the problem of different versions, .Z vs .gz, etc.
Current thread:
- Re: trojans on ftp sites der Mouse (May 14)
- Re: trojans on ftp sites Peter Deutsch (May 14)
- <Possible follow-ups>
- Re: trojans on ftp sites Paul Robinson (May 14)
- Re: your mail Christopher Klaus (May 14)
- Re: trojans on ftp sites smb () research att com (May 14)
- Re: your mail John Macdonald (May 16)
- Re: your mail Steven C. Blair (May 16)
- Re: your mail John Macdonald (May 16)
- Re: your mail Christopher Klaus (May 16)
- Re: your mail Adam Shostack (May 16)
- Re: your mail John Macdonald (May 16)
- Checksums in FTP servers. Scott Northrop (May 16)