That verifies the software that is stored somewhere, not the currently running one.
Someone "insider" could load a "hacked" software into flash, boot the router with that file (supposing that he has found a way to do so) and then replace the file on the flash with the real one. How can you verify that the running software is actually the original one? -- Tassos Saku Ytti wrote on 13/1/2014 12:46: > On (2014-01-13 12:26 +0200), Tassos Chatzithomaoglou wrote: > >> I'm looking for ways to verify that the currently running software on our >> Cisco/Juniper boxes is the one that is also in the flash/hd/storage/etc. > IOS: verify /md5 flash:file > JunOS: filechecksum md5|sha-256|sha1 file > > But if your system is owned, maybe the verification reads filename and outputs > expected hash instead of correct hash. >
