RE: MD5 checksum server OS check

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Thanks for the info, I found the book on Amazon.



-----Original Message-----
From: psyche-list-admin@xxxxxxxxxx
[mailto:psyche-list-admin@xxxxxxxxxx]On Behalf Of Martinez, Michael
Sent: Saturday, September 27, 2003 9:02 AM
To: psyche-list@xxxxxxxxxx
Cc: charlescurley@xxxxxxxxxxxxxxxxx
Subject: Re: MD5 checksum server OS check


A book called "Hack Proofing Linux." If you need the publication details,
such as author and publisher, let me know.

Mike

--------------------------
Sent from my BlackBerry Wireless Handheld


-----Original Message-----
From: help@xxxxxxxxxxx <help@xxxxxxxxxxx>
To: psyche-list@xxxxxxxxxx <psyche-list@xxxxxxxxxx>
CC: charlescurley@xxxxxxxxxxxxxxxxx <charlescurley@xxxxxxxxxxxxxxxxx>
Sent: Sat Sep 27 08:02:56 2003
Subject: RE: MD5 checksum server OS check

Thanks for your detailed response Charles,

Actually what I should be doing is reading in depth on this subject.
Can you reccomend any publications, books, on line documents or URL's on the
RH (or other) sites that explain gpg key, MD5SUM methods
to verify file and OS integrity?



>> It's my understanding that it is possible to insert a Red Hat
distribution
>> disk into CD rom drive of a server and run an MD5 or checksum test to
>> determine if any of the OS files have been altered or compromised in any
>> way.  If correct, what is the procedure and command syntax to do this?
>
>Depends on how you want to do it. First, import Red Hat's gpg key
>(preferred), or add the appropriate command line switch to the rpm
>call below to disable gpg key checking. Then get the MD5SUM file and
>verify its gpg signature:
>
>gpg --verify MD5SUM
>
>Then checksum the image(s):
>
>md5sum <path>
>
>where <path> may be your CD-ROM device, such as /mnt/cdrom.
>
>e.g, for severn:
>
>cat MD5SUM ; md5sum severn-i386-disc*.iso
>
>
>You should also check individual packages, e.g.:
>
>find <path> -iname "*.rpm" -exec rpm -K {} \; | grep NOT
>
>where silence implies acceptance.
>
>>
>> Also if I have installed non RH software on server, how would I go about
>> doing checks on non RH applications to make sure those applications have
not
>> been altered or compromised?
>>
>> Thanks for any info.
>>
>>
> --
> Psyche-list mailing list
> Psyche-list@xxxxxxxxxx
> https://www.redhat.com/mailman/listinfo/psyche-list

--

Charles Curley                  /"\    ASCII Ribbon Campaign
Looking for fine software       \ /    Respect for open standards
and/or writing?                  X     No HTML/RTF in email
http://www.charlescurley.com    / \    No M$ Word docs in email

Key fingerprint = CE5C 6645 A45A 64E4 94C0  809C FFF6 4C48 4ECD DFDB


--
Psyche-list mailing list
Psyche-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/psyche-list


--
Psyche-list mailing list
Psyche-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/psyche-list


-- 
Psyche-list mailing list
Psyche-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/psyche-list

[Index of Archives]     [Fedora General Discussion]     [Red Hat General Discussion]     [Centos]     [Kernel]     [Red Hat Install]     [Red Hat Watch]     [Red Hat Development]     [Red Hat 9]     [Gimp]     [Yosemite News]

  Powered by Linux