On Wed, Jul 15, 2009 at 9:20 AM, Andrew McNabb<[email protected]> wrote: >> Well, I guess if you had md5/sha1 sums (that you can trust) of every >> file on your system and you're willing to go file-by-file and verify >> them when mounted on a trusted system (*not* the one that was hacked), >> then, maybe, you could sleep again at night knowing all is well. > > Even then, the kernel could be modified to lie about the contents of the > files. You really can't trust anything.
Right, if you read the above, you'll see that the suggestion is to use a different system and *not* boot to the kernel of the hacked box. I only point this out because I got 2 responses that start with "Even then," and then go on to cover items that I already mentioned ;) Best, Gabe /* PLUG: http://plug.org, #utah on irc.freenode.net Unsubscribe: http://plug.org/mailman/options/plug Don't fear the penguin. */
