Re: Hacked or not appendice
From: Alex Povolotsky (tarkhil_at_webmail.sub.ru)
Date: 06/12/04
- Previous message: Alex Povolotsky: "Re: Hacked or not ?"
- In reply to: Thordur Ivar: "Re: Hacked or not appendice"
- Next in thread: Peter Rosa: "Re: Hacked or not - RESULT"
- Reply: Peter Rosa: "Re: Hacked or not - RESULT"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Sat, 12 Jun 2004 17:45:29 +0400 To: freebsd-security@freebsd.org
On Sat, 12 Jun 2004 13:03:07 +0000
Thordur Ivar <thib@mi.is> wrote:
TI> I have on a CD a number of binarys ( sources actually ) ( e.g. ls,
TI> find, grep, awk, sed, locate e.t.c. ) and when I belive that a
TI> machine has been cracked I remove the network cable from that
TI> machine and mount the cdrom build the sources and start looking. If
TI> I need something in that process I put it on my USB memstick from a
TI> 'trusted machine' and move it by hand over.
When I was unable to do the same thing, I've recompiled md5 tool from freshly fetched sources and used it to test utilities. I don't beleive in attacker catching thr build process transparently...
-- Alex. _______________________________________________ freebsd-security@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"
- Previous message: Alex Povolotsky: "Re: Hacked or not ?"
- In reply to: Thordur Ivar: "Re: Hacked or not appendice"
- Next in thread: Peter Rosa: "Re: Hacked or not - RESULT"
- Reply: Peter Rosa: "Re: Hacked or not - RESULT"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
