Bugtraq mailing list archives
Re: trojans on ftp sites
From: arielf () mirage nsc com (Ariel Faigon)
Date: Tue, 17 May 94 10:59:46 PDT
David H. Brierley wrote:
Easy, I replace the md5 program with a modified version that *reports* the checksum that everybody else is expecting to see. Eventually this would break down becuase someone would download my copy and then attempt to generate a new checksum but it would not match. This is partially solveable by only having the modified program available for a week or so, then put the original back and go modify some other program.
A clean solution to the problem described would be to use 4.4BSD and make the md5 program "immutable". If this has anything to do with firewalls, it is that 4.4BSD machines make more secure systems and that includes firewalls. I believe that the immutability kernel concept will become more and more popular with time. Best regards, Ariel Faigon
Current thread:
- Re: trojans on ftp sites, (continued)
- Re: trojans on ftp sites Paul Robinson (May 14)
- Re: your mail Christopher Klaus (May 14)
- Re: trojans on ftp sites smb () research att com (May 14)
- Re: your mail John Macdonald (May 16)
- Re: your mail Steven C. Blair (May 16)
- Re: your mail John Macdonald (May 16)
- Re: your mail Christopher Klaus (May 16)
- Re: your mail Adam Shostack (May 16)
- Re: your mail John Macdonald (May 16)
- Re: trojans on ftp sites Paul Robinson (May 14)
- Checksums in FTP servers. Scott Northrop (May 16)