On Wed, 28 Mar 2007, Richard van den Berg wrote: > Pablo Virolainen wrote: > > I know that some of you > > don't want to run update (because it can leak some information to the > > attacker). > > > > Please explain. I'm not sure I know what you mean here.
Assuming you have break the system, and by breaking into the system, some system binary has been changed. When they (the bad guys) get the information (the hash value of the original binary) they can feed it back so that AIDE won't see the change. Yep.. I know that the scenario is quite... unlikely. Actually can't really remember any such attact. If you do, pleace tell. Pablo Virolainen _______________________________________________ Aide mailing list Aide@cs.tut.fi https://mailman.cs.tut.fi/mailman/listinfo/aide
