From owner-freebsd-security Sat Dec 2 10:30:07 1995 Return-Path: owner-security Received: (from root@localhost) by freefall.freebsd.org (8.6.12/8.6.6) id KAA23475 for security-outgoing; Sat, 2 Dec 1995 10:30:07 -0800 Received: from uucp1.calweb.com (root@uucp1.calweb.com [165.90.138.20]) by freefall.freebsd.org (8.6.12/8.6.6) with ESMTP id KAA23406 for ; Sat, 2 Dec 1995 10:29:59 -0800 Received: (from rdugaue@localhost) by uucp1.calweb.com (8.7.2/8.7.2) id KAA01601; Sat, 2 Dec 1995 10:30:32 GMT Date: Sat, 2 Dec 1995 10:30:32 +0000 () From: Robert Du Gaue To: Robert Watson cc: "Jordan K. Hubbard" , Michael Smith , security@FreeBSD.ORG Subject: Re: ****HELP***** In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-security@FreeBSD.ORG Precedence: bulk I plan on rebuilding a new system from scratch, then I'll wipe all the bin directories clena on the compromised systems and use the rebuilt system to update all the bins. Which should I do? /bin /sbin /usr/sbin /usr/bin Where else? I know there are alot I'm missing... On Sat, 2 Dec 1995, Robert Watson wrote: > Date: Sat, 2 Dec 1995 13:14:42 -0500 (EST) > From: Robert Watson > To: "Jordan K. Hubbard" > Cc: Michael Smith , > Robert Du Gaue , security@FreeBSD.ORG > Subject: Re: ****HELP***** > > > Actually, what might be nice is to include the MD5's with the system, and > have a script in daily.local that verifies that the key system binaries > are correct. Obviously then the md5 file would be at risk, but.. This > would also be nice, unrelated to the daily part, after an upgrade to > check if there are any old binaries lying around. > > Actually, one thing I was going to ask about was -- is there a difference > between the 2.1.0 binaries for standard executables (eg., pine) and the > 2.0.5 ones? Is there anyway I can use strings (or something) to get a > list of all the old binaries on my system and upgrade them if needed? > > On Sat, 2 Dec 1995, Jordan K. Hubbard wrote: > > > > Jordan; how hard would it be to generate a file with the md5's of a stock > > > release system's "standard binaries" for this sort of thing? > > > > Probably not too hard. Let me think about it. You'd want a file > > for each distrib, probably. > > > > Jordan >