Date: Fri, 25 Jan 2002 18:22:04 -0500 (EST) From: Robert Simmons <rsimmons@wlcg.com> To: "f.johan.beisser" <jan@caustic.org> Cc: freebsd-security@FreeBSD.ORG Subject: Re: theo Message-ID: <20020125182148.X41395-100000@mail.wlcg.com> In-Reply-To: <20020125151048.C32624-100000@localhost>
next in thread | previous in thread | raw e-mail | index | archive | help
-----BEGIN PGP SIGNED MESSAGE----- Hash: RIPEMD160 Thank you, if I knew you I would kiss you. Robert Simmons Systems Administrator http://www.wlcg.com/ E3E2 C83A 95A2 DDDC BF7F 6889 74B6 5850 880E B566 On Fri, 25 Jan 2002, f.johan.beisser wrote: > On Fri, 25 Jan 2002, Robert Simmons wrote: > > > -----BEGIN PGP SIGNED MESSAGE----- > > Hash: RIPEMD160 > > > > Lets say someone has a machine they don't have console access to, but they > > know that the OS comes back every time they reboot the fucker. > > > > The kernel is on the old hard drive, with the swap garbage. The brand > > spanking new OS is mirrored on a twed. How can I tell that the core > > team's brand spanking newly de scriptkiddified kernel is the one that > > boots? dmesg? > > generally, i can tell via an ls -al /kernel, and checking the timestamp. > failing that, i can look at the output from uname: > > FreeBSD pogo.caustic.org 4.4-STABLE FreeBSD 4.4-STABLE #1: Wed Nov 14 > 11:14:38 PST 2001 root@pogo.caustic.org:/usr/src/sys/compile/POGO i386 > > and looking at that alone, i can tell (i tend to rebuild the kernel once > each major change/kernel level patch. so, in this case, the timestamp on > the uname output (Wed Nov 14 11:14:38 PST 2001) tells me that this is the > kernel i build ages ago. > > should i do more frequent rebuilds, the string "FreeBSD 4.4-STABLE #1" > would tell me which build number of the kernel (since building POGO's > first kernel) i have. > > if what you're refrencing is the specific kernel loaded by the loader, > unless you change it at boot time (unload kernel, load <altkernel>, boot), > it will default to /kernel. > > > BTW, there isn't a floppy installed, nor a CD_ROM. > > that's fine, you can change the device that the kernel is loaded from if > you really wish too. > > > Also, you win, you people get the prize for the most security alerts in > > one year. :) > > thanks. i tend to be glad to see so many security alerts. makes me feel > like someone is finding, and fixing, problems in the OS. "Security is not > a product, it is a process" and all that jazz. > > btw, anyone know who said that? i'm inclined to think it's bruce schneier. > > > > -------/ f. johan beisser /--------------------------------------+ > http://caustic.org/~jan jan@caustic.org > "John Ashcroft is really just the reanimated corpse > of J. Edgar Hoover." -- Tim Triche > > -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (FreeBSD) Comment: For info see http://www.gnupg.org iD8DBQE8UeigdLZYUIgOtWYRA/NuAKC8yNAKlFQ4MZ/81x3Vc2yvH1uhcQCaA4mo v6Eamd5j5v4Wd1YjtdBoZWc= =tDzk -----END PGP SIGNATURE----- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020125182148.X41395-100000>