Dailydave mailing list archives
Modified Src
From: ned <nd () felinemenace org>
Date: Tue, 9 Dec 2003 04:37:20 -0800 (PST)
hi, i am glad dave has stopped (?) talking about HashDB and the benefits of checking hashes on software to make sure it is not modified. when you look at the situation of 'back-doored' software you must realise that the person who backdoors the software usually has access to the pages that supply the 'correct' hash. i believe what we need is a 20,000 mirrors of a single hash so its impossible for the modifier to change it on a single location. he has to use his p0day on all 20,000 machines. because i like to remember the time when dailydave was actually just for dave (ml's, who needs 'em?!) i found this. http://www.immunitysec.com/dailydave/9.10.2002.html and if anyone thinks that just because their software has been owned doesn't mean that the attacked does not have the brains to run md5sum then it's the most pure of ignorance. oh, and seeing that the current state of a servers security is constantly changing then a single database will not suffice either. safety in numbers, right? - nd -- http://felinemenace.org/~nd _______________________________________________ Dailydave mailing list Dailydave () lists immunitysec com http://www.immunitysec.com/mailman/listinfo/dailydave
Current thread:
- Modified Src ned (Dec 09)