On 12/15/05, Ravi Kumar <[EMAIL PROTECTED]> wrote:
> On 12/14/05, Thaths <[EMAIL PROTECTED]> wrote:
> Thaths,
> Your above statement makes me wonder, A debian (based)
> distribution user will be including a lot of repositories in his
> /etc/apt/sources.list file over a period of time. Is there any way to
> validate if a repository is genuine or not. I mean what is stopping me
> (say) from starting a repository on a server where I have bought
> space and then I exchange a common utility package with a rooted
> version of the package. And anyone using my repository will be
> downloading and using the infected package unknowingly.
That should be a lesson to not include untrusted deb packages to
sources.list. Debian is moving towards verifying signatures and
checksums (against those signatures in the debian-keyring package
which you are strongly encouraged to download from a cannonical and
trused Debian mirror.) before installation. This (trojan-ed source and
binary packages) is going to be a serious problem soon. Which is why
people are strongly ecouraged to do md5 checksum checks before
compilation / installation.
> > Good common sense sys admin skills.
> Is there any program which helps one to check if a system is infected
> or not ? I mean like checking the md5-checksum or something ?
Sure.
> > A rootkit detector will be a good starting point.
> Can you please give an example of a root kit detector. I have heard of
> bastile linux. But I presume it is a OS hardening script. And I think
> it does not work on Ubuntu.
I am not an expert on rootkit detectors. I am sure someone will pipe
in (Binad? srs?) with suggestions.
Thaths
--
"Facts are meaningless. You could use facts to prove anything that's even
remotely true!" -- Homer J. Simpson
-------------------------------------------------------
This SF.net email is sponsored by: Splunk Inc. Do you grep through log files
for problems? Stop! Download the new AJAX search engine that makes
searching your log files as easy as surfing the web. DOWNLOAD SPLUNK!
http://ads.osdn.com/?ad_idv37&alloc_id�865&op=click
_______________________________________________
linux-india-help mailing list
linux-india-help@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/linux-india-help
