Re: MD5 checksum server OS check

Sat, 27 Sep 2003 06:01:39 -0700 

A book called "Hack Proofing Linux." If you need the publication details, such as 
author and publisher, let me know. 

Mike 

--------------------------
Sent from my BlackBerry Wireless Handheld


-----Original Message-----
From: [EMAIL PROTECTED] <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED] <[EMAIL PROTECTED]>
CC: [EMAIL PROTECTED] <[EMAIL PROTECTED]>
Sent: Sat Sep 27 08:02:56 2003
Subject: RE: MD5 checksum server OS check

Thanks for your detailed response Charles,

Actually what I should be doing is reading in depth on this subject.
Can you reccomend any publications, books, on line documents or URL's on the
RH (or other) sites that explain gpg key, MD5SUM methods
to verify file and OS integrity?



>> It's my understanding that it is possible to insert a Red Hat
distribution
>> disk into CD rom drive of a server and run an MD5 or checksum test to
>> determine if any of the OS files have been altered or compromised in any
>> way.  If correct, what is the procedure and command syntax to do this?
>
>Depends on how you want to do it. First, import Red Hat's gpg key
>(preferred), or add the appropriate command line switch to the rpm
>call below to disable gpg key checking. Then get the MD5SUM file and
>verify its gpg signature:
>
>gpg --verify MD5SUM
>
>Then checksum the image(s):
>
>md5sum <path>
>
>where <path> may be your CD-ROM device, such as /mnt/cdrom.
>
>e.g, for severn:
>
>cat MD5SUM ; md5sum severn-i386-disc*.iso
>
>
>You should also check individual packages, e.g.:
>
>find <path> -iname "*.rpm" -exec rpm -K {} \; | grep NOT
>
>where silence implies acceptance.
>
>>
>> Also if I have installed non RH software on server, how would I go about
>> doing checks on non RH applications to make sure those applications have
not
>> been altered or compromised?
>>
>> Thanks for any info.
>>
>>
> --
> Psyche-list mailing list
> [EMAIL PROTECTED]
> https://www.redhat.com/mailman/listinfo/psyche-list

--

Charles Curley                  /"\    ASCII Ribbon Campaign
Looking for fine software       \ /    Respect for open standards
and/or writing?                  X     No HTML/RTF in email
http://www.charlescurley.com    / \    No M$ Word docs in email

Key fingerprint = CE5C 6645 A45A 64E4 94C0  809C FFF6 4C48 4ECD DFDB


-- 
Psyche-list mailing list
[EMAIL PROTECTED]
https://www.redhat.com/mailman/listinfo/psyche-list


-- 
Psyche-list mailing list
[EMAIL PROTECTED]
https://www.redhat.com/mailman/listinfo/psyche-list

Reply via email to