Re: MS binary integrity baseline
From: Sam Baskinger (sam_at_reefedge.com)
Date: 08/19/04
- Previous message: Marc Fossi: "SecurityFocus Microsoft Newsletter #202"
- In reply to: Chris Conacher: "MS binary integrity baseline"
- Next in thread: Sean: "RE: MS binary integrity baseline"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Thu, 19 Aug 2004 02:29:19 -0400 To: Chris Conacher <chris_conacher@hotmail.com>
Hi Chris,
It's good practice to keep an up-to-date list of file hashes for any
system you deploy. Before you deploy the system and after each upgrade
you verify the hashes and take new ones if necessary.
I acctually finished writing a script in python which does this on Linux
and Win systems. If any are interested I'll happily post it to the list
(160 lines in length) with the standard "USE AT YOUR OWN RISK" disclaimer.
Currently I'm using the script to keep a closer eye on my testing
machines (The Win boxes) and I've deployed it on my laptop (the Linux
machine).
Again, this isn't hard at *all* and it is something you can EASILY
re-program for your shop and put in a scheduled task. Python also gives
you some flexability in reporting etc etc etc.
Sam
Chris Conacher wrote:
> Dear List
>
> Is there anything that performs binary integrity checks for Windows OS
> such as rpm does for Redhat or apt does for Debian?
>
> I want something that will check Windows binaries against a trusted
> source - MS site, install cd, etc so that I can determine integrity
> baselines of current production systems before deploying an integrity
> checking application.
>
> I would have thought that this would be something Microsoft would
> provide, but have not seen anything.
>
> Thanks for any input
>
> Chris
>
> _________________________________________________________________
> Express yourself with cool new emoticons
> http://www.msn.co.uk/specials/myemo
>
>
> ---------------------------------------------------------------------------
>
> ---------------------------------------------------------------------------
>
>
---------------------------------------------------------------------------
---------------------------------------------------------------------------
- Previous message: Marc Fossi: "SecurityFocus Microsoft Newsletter #202"
- In reply to: Chris Conacher: "MS binary integrity baseline"
- Next in thread: Sean: "RE: MS binary integrity baseline"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
