Re: Re: ssh trojaned

[Thomas Cannon <tcannon () noops org>]

It would seem a trivial matter to use DNS for checking MD5 sums from
several locations. I mean, sure, DNS is easily spoofed, and there's issues
about how to get the MD5 sums into the DNS DB securely, and a bunch of
other problems... but as far as defense in depth, it would seem more
prudent than relying on MD5 checksums that reside on the same host as the
possibly trojaned files.

Just add into package installing software the functionality to check the
MD5 sums from a couple different DNS servers, using a lookup that requests
the DNS name of openssh-makefile.openbsd.org and recieves a CNAME of
md5string.openbsd.org, or an IP address based on a hash of the MD5 sum
(I'm no cryptographer, but I imagine someone could figure it out. S/key
uses hashes converted to words -- that's pretty goofy, but it works).

It would raise the bar, not solve the problem. But raising the bar
certainly won't hurt... except for when someone figures out  that there's
an unchecked buffer in the DNS resolver, but something like that
surely wouldn't ever happen.

-tcannon

PS: Yes, I know there was a problem with DNS resolver libraries recently.
It was a joke. Ha ha. *sigh...*

On Mon, 5 Aug 2002, Nick Lange wrote:

> Ok, a weekend late [ I forgot to send this]...
>
> once again, forcing a web of trust on the code we deploy anyways...
> so we can either take up Signature authorities for files on the net [Which I
> don't like... as this is only the first real case of poisoned files on a big
> distro]
> OR
> have MD5 Sums from multiple locations pulled and then an average presented
> to the user, assuming that these locations wouldn't be updated as fast
> [perhaps forcing a 1-2 day delay on updating any sums for a given mirror
> except for new entries?] we can increase the probability that a release can
> be trusted slightly...
> or perhaps, if I am mirror A have a watchdog script compare my md5 sum to
> every other md5 sum accross the mirrors, and take some action should the
> ratio of unmatching MD5's falls below a certain percentage...
> or something like that.
> Do scripts like that exist already?
> Cheers,
> nick
> ----- Original Message -----
> From: <wozz () 0xdeadbeef org>
> To: "Eirik Seim" <default () stengt net>
> Cc: <vuln-dev () securityfocus com>; "Steve Wright" <stevew () cwazy co uk>
> Sent: Friday, August 02, 2002 1:20 PM
> Subject: Re: Re: ssh trojaned
>
>
> > -----BEGIN PGP SIGNED MESSAGE-----
> > Hash: SHA1
> >
> > Of course, verifying checksums does you no good if the checksums have been
> replaced along with the binary.  Be sure to aquire your checksums from some
> other, presumably safe, location.
> > On Thu, 1 Aug 2002 22:41:39 +0200 (CEST), Eirik Seim <default () stengt net>
> wrote:
> > > Oh, and the guys that inserted the trojan might easily had access to more
> > > on the same ftp site, and subsequently also its mirrors.  If you don't
> > > usually verify checksums, now is a great time to start doing so.
> > >
> > >
> > > - Eirik
> > > --
> > > New and exciting signature!
> >
> > -----BEGIN PGP SIGNATURE-----
> > Version: Hush 2.1
> > Note: This signature can be verified at https://www.hushtools.com
> >
> > wlsEARECABsFAj1KzbEUHHdvenpAMHhkZWFkYmVlZi5vcmcACgkQ1vK8vFo3sjzZEQCf
> > YpqiXaafmDfMuhErWoaJ/u86csgAoLvBK8uxMoIDpfZdfOwBrwdnRRYD
> > =EoUt
> > -----END PGP SIGNATURE-----

"No brain, no headache"