Vulnerability Development mailing list archives

Re: Re: ssh trojaned


From: Tan Wee Yeh <tanwy () comp nus edu sg>
Date: Tue, 6 Aug 2002 08:43:03 +0800

On Mon, Aug 05, 2002 at 07:27:09PM +0200, Jonas Anden wrote:
> Should the published MD5 sum of a file I have mirrored on
> *ANY* of the other mirrors (or the primary site) be different from the
> calculated MD5 sum of my file, all sorts of bells and whistles should go
> off. Something is wrong; either my copy or their copy is bad. Either
> way, something needs to be done about it.

Indeed, but IMHO the same scheme will also either scream at updates or, if
you trust updates, limit protection to only existing files.  This is little
different from the tripwire concept and suffers the same fallacies.

I am thinking along the line where distributions are checked against
checksums signed by some authority (in this case, the developer).


        Just me,
        Wire ...
--
Tan Wee Yeh     wytan () pobox com     http://www.pobox.com/~wytan
For PGP public key : http://www.pobox.com/~wytan/pgp
PGP fingerprint = CB 11 61 BE 4E EF FB 84  71 15 CF 22 46 FD 4C B3
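
The contrast drawn in this message, as an added example that is not part of the original post: a recorded-baseline (tripwire-style) comparison cannot tell a legitimate update from a trojaned file, while a manifest of checksums signed by the developer can. The toy RSA key, the SHA-256 digests (the thread discusses MD5) and the file names are constructed assumptions; the toy key stands in for a real PGP signature and is not safe for actual use.

```python
import hashlib

# Toy textbook-RSA key (constructed, far too small for real use). It stands in
# for the developer's PGP key so the example needs only the standard library.
P, Q, E = 2**127 - 1, 2**89 - 1, 65537
N = P * Q                              # public modulus, known to every downloader
D = pow(E, -1, (P - 1) * (Q - 1))      # private exponent, held by the developer only

def digest(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()

def make_manifest(files: dict) -> bytes:
    """One 'digest  name' line per file, in the style of sha256sum output."""
    return "".join(f"{digest(d)}  {n}\n" for n, d in sorted(files.items())).encode()

def h_int(mf: bytes) -> int:
    return int.from_bytes(hashlib.sha256(mf).digest(), "big") % N

def sign(mf: bytes) -> int:                  # developer side
    return pow(h_int(mf), D, N)

def verify(mf: bytes, sig: int) -> bool:     # downloader side, uses (N, E) only
    return pow(sig, E, N) == h_int(mf)

def baseline_check(baseline: dict, name: str, data: bytes) -> str:
    """Tripwire-style: compare against the digest recorded earlier."""
    if name not in baseline:
        return "unknown"                     # new file: nothing to compare against
    return "match" if baseline[name] == digest(data) else "ALARM"

def signed_check(mf: bytes, sig: int, name: str, data: bytes) -> str:
    """Accept a file only if a validly signed manifest lists its digest."""
    if not verify(mf, sig):
        return "bad signature"
    listed = {n: h for h, n in (l.split("  ", 1) for l in mf.decode().splitlines())}
    return "ok" if listed.get(name) == digest(data) else "REJECT"

# Constructed sample data: first release, a legitimate update, a trojaned copy.
v1 = {"tool-latest.tar.gz": b"release 1.0"}
update = {"tool-latest.tar.gz": b"release 1.1", "tool-1.1.tar.gz": b"release 1.1"}
trojan = {"tool-latest.tar.gz": b"1.1 + backdoor", "tool-1.1.tar.gz": b"1.1 + backdoor"}
baseline = {n: digest(d) for n, d in v1.items()}
manifest = make_manifest(update)             # published by the developer with the update
sig = sign(manifest)

def compare(files: dict) -> dict:
    """Per file: (baseline verdict, signed-manifest verdict)."""
    return {n: (baseline_check(baseline, n, d), signed_check(manifest, sig, n, d))
            for n, d in files.items()}
```

`compare(update)` and `compare(trojan)` give the same baseline verdicts (an alarm for the changed file, nothing for the new one), while the signed-manifest verdicts differ between the two.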

