Security Incidents mailing list archives
Re: Generic checksums (MD5 DB)
From: jburdge () AVENTAIL COM (Jon Burdge)
Date: Tue, 21 Mar 2000 10:23:59 -0800
I have been wondering if there are any public, searchable databases of MD5 (and/or other reliable digests) checksums of thegeneric ships-with-the-OS utilities?[snip] Pool our tripwire databases together??? I'd like to see if some kids figure out a way to make their rootkit'ed version fit _one_ of the "ok" MD5's - random chance? :-{
The whole point of a good hashing algorithm is that it should be next to impossible to do something like that, even accidentally. There wouldn't be enough hashes to even barely increase the chances of something like that. The real difficulty in this is how different a lot of compiled versions could be, change something in config.h and you're going to get a different hash. Unless you're talking about vendor supplied binaries, then there would be some standard, hopefully. I think the real difficulty would be a logistical one -- making sure the data is good, whether the bad data is by malice or mistake.
Current thread:
- Generic checksums (MD5 DB) Ville (Mar 17)
- 8 hours of pinging Jim Lindstrom (Mar 20)
- Re: 8 hours of pinging Rick Ballard (Mar 21)
- Re: 8 hours of pinging Robert Graham (Mar 21)
- Re: 8 hours of pinging Bob Fayne (Mar 22)
- Re: 8 hours of pinging Jim Lindstrom (Mar 22)
- 8 hours of pinging Foley, Michael P (Mar 22)
- Re: 8 hours of pinging Mike A. Harris (Mar 24)
- Re: Generic checksums (MD5 DB) Filip M. Gieszczykiewicz (Mar 20)
- <Possible follow-ups>
- Re: Generic checksums (MD5 DB) Jon Burdge (Mar 21)
- Re: Generic checksums (MD5 DB) Thomas J. Kluegel (Mar 21)
- 8 hours of pinging Jim Lindstrom (Mar 20)