On Mon, 13 Jan 2014 12:26:02 +0200, Tassos Chatzithomaoglou said: > I'm looking for ways to verify that the currently running software on our > Cisco/Juniper boxes is the one that is also in the flash/hd/storage/etc.
In general, asking the operating system if it's pwned is an insoluble problem, because the pwner will of course arrange that the answer to such a query be "No, I'm not pwned". You really need assistance from one layer further down - if you're in a VM, you need to ask the hypervisor. If you're on bare metal, you need to ask the SMM or equivalent. If you're in the SMM, you need to ask the hardware. And of course, at each level, you have to ask yourself how you know that *that* level isn't lying to you.... (Yes, this is the corner of system security where, if you're not already a paranoid schizophrenic, you will be soon.. :)
pgpJrvnxXdjZu.pgp
Description: PGP signature
