NOTICE: [CERT Advisory CA-2003-21 GNU Project FTP Server Compromise]
From: Chris Larsen (darth_at_vader.dk)
Date: Thu, 14 Aug 2003 02:22:25 +0200 To: email@example.com
As many may have noticed the GNU Project's FTP server had been compromised as
outlined in this CERT advisory.
I felt the urge to quickly hack together a small perl script to check my
distfiles against the published md5 sums from FSF.
Using this file as reference: ftp://ftp.gnu.org/before-2003-08-01.md5sums.asc
(Check and Verify the PGP signature !)
 Full CERT advisory : http://www.cert.org/advisories/CA-2003-21.html
Attached is a gzipped perl program to check ports/distfiles GNU archives
against the above file and indicate OK or WARNING status.
This script is provided in hope that people may find it useful.
PS: I know already now it has some shortcommings and is not fully regression
tested, but it fullfilled my purposes.
-- Chris Larsen "Make something idiot proof, and someone will invent a better idiot."
- application/pgp-signature attachment: stored