Date: Tue, 11 Jul 2006 15:41:33 -0400
To: freebsd-security@freebsd.org
From: Mike Tancsa
Subject: Integrity checking NANOBSD images

We have a number of Soekris devices that we will be deploying remotely in semi-hostile physical environments. The remote links are dialup so I don't have a lot of bandwidth available. I want to do integrity checks of the images so that I can detect any tampering of the flash image.

If I upload a static sha256 binary to /tmp on the remote box (which is a RAM disk) and then do something like e.g.

    # ssh remote1.example.com "mkdir /tmp/rand-directory"
    # scp /usr/local/bin/sha256 remote1.example.com:/tmp/rand-directory/sha256
    # scp /usr/local/bin/dd remote1.example.com:/tmp/rand-directory/dd
    # ssh remote1.example.com "/tmp/rand-directory/dd if=/dev/ad2s1a bs=4096k | /tmp/rand-directory/sha256"
    120+1 records in
    120+1 records out
    505389056 bytes transferred in 169.727727 secs (2977646 bytes/sec)
    955ebad583bfc0718eb28ac89563941407294d5c61a0c0f35e3773f029cc0685

Can I be reasonably certain the image has not been tampered with? Or are there trivial ways to defeat this check? The flash is always mounted read-only, so in theory nothing should change with it. Or do I need to cram on tripwire or similar programs onto the nanobsd image?

        ---Mike

--------------------------------------------------------------------
Mike Tancsa, tel +1 519 651 3400
Sentex Communications, mike@sentex.net
Providing Internet since 1994 www.sentex.net
Cambridge, Ontario Canada www.sentex.net/mike
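
Added example, not part of the original post: the same dd | sha256 check with a fresh random nonce hashed ahead of the image and compared against a digest computed from a local reference copy, so a digest recorded on an earlier run cannot simply be replayed. This goes beyond the post's static digest; the function names, the argument layout of `check_remote` and the existence of a byte-identical local reference image are assumptions, and the check still trusts the remote kernel to return the real flash contents.

```sh
#!/bin/sh
# Added example, not from the original post. Function names are hypothetical.

# Read stdin, print only the hex SHA-256 (sha256sum on Linux, sha256 on FreeBSD).
sha256_hex() {
    if command -v sha256sum >/dev/null 2>&1; then
        sha256sum | cut -d' ' -f1
    else
        sha256
    fi
}

# new_nonce: 16 random bytes as 32 hex characters, fresh for every check.
new_nonce() {
    dd if=/dev/urandom bs=16 count=1 2>/dev/null | od -An -tx1 | tr -d ' \n'
}

# image_digest NONCE PATH: SHA-256 over NONCE followed by the raw bytes of PATH.
# Fails without output if PATH is unreadable, so a missing image never hashes
# to "digest of the nonce alone".
image_digest() {
    [ -r "$2" ] || return 1
    { printf '%s' "$1"; dd if="$2" bs=4096k 2>/dev/null; } | sha256_hex
}

# check_remote HOST TOOLDIR DEVICE REFERENCE
#   HOST, TOOLDIR, DEVICE: as in the post (remote1.example.com,
#     /tmp/rand-directory holding the uploaded static dd and sha256, /dev/ad2s1a).
#   REFERENCE: local byte-identical copy of the slice (assumption).
# Returns 0 on match, 1 on mismatch or empty reply, 2 if REFERENCE is unreadable.
check_remote() {
    nonce=$(new_nonce)
    want=$(image_digest "$nonce" "$4") || return 2
    got=$(ssh "$1" "{ printf '%s' $nonce; $2/dd if=$3 bs=4096k 2>/dev/null; } | $2/sha256")
    [ -n "$got" ] && [ "$got" = "$want" ]
}

# Usage (not executed here):
#   check_remote remote1.example.com /tmp/rand-directory /dev/ad2s1a ./ad2s1a.ref \
#       && echo "image matches reference" || echo "MISMATCH or error"
```

Only the 64-character digest crosses the dialup link; the nonce-prefixed reference digest is computed locally on each run.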