From owner-freebsd-security  Sat Dec  2 14:00:51 1995
Return-Path: owner-security
Received: (from root@localhost)
          by freefall.freebsd.org (8.6.12/8.6.6) id OAA28979
          for security-outgoing; Sat, 2 Dec 1995 14:00:51 -0800
Received: from time.cdrom.com (time.cdrom.com [192.216.222.226])
          by freefall.freebsd.org (8.6.12/8.6.6) with ESMTP id OAA28949
          for <security@FreeBSD.ORG>; Sat, 2 Dec 1995 14:00:44 -0800
Received: from localhost (localhost [127.0.0.1]) by time.cdrom.com (8.6.12/8.6.9) with SMTP id OAA04273; Sat, 2 Dec 1995 14:00:03 -0800
To: Robert Du Gaue <rdugaue@calweb.com>
cc: Robert Watson <robert@fledge.watson.org>,
        Michael Smith <msmith@atrad.adelaide.edu.au>, security@FreeBSD.ORG
Subject: Re: ****HELP***** 
In-reply-to: Your message of "Sat, 02 Dec 1995 10:30:32 GMT."
             <Pine.BSF.3.91.951202102847.1571B-100000@uucp1.calweb.com> 
Date: Sat, 02 Dec 1995 14:00:03 -0800
Message-ID: <4271.817941603@time.cdrom.com>
From: "Jordan K. Hubbard" <jkh@time.cdrom.com>
Sender: owner-security@FreeBSD.ORG
Precedence: bulk

> I plan on rebuilding a new system from scratch, then I'll wipe all the 
> bin directories clena on the compromised systems and use the rebuilt 
> system to update all the bins. Which should I do?
> 

Erm.  In this instance, you might be better off simply backing up the
files you want to *keep* and then reinstalling the entire system from
the 2.1 distribution.  2.1's installer isn't bad, and it's possible
to get back a lot of the configuration data just through answering
questions in the novice install.

					Jordan


> /bin /sbin /usr/sbin /usr/bin   Where else? I know there are alot I'm 
> missing...
> 
> 
> On Sat, 2 Dec 1995, Robert Watson wrote:
> 
> > Date: Sat, 2 Dec 1995 13:14:42 -0500 (EST)
> > From: Robert Watson <robert@fledge.watson.org>
> > To: "Jordan K. Hubbard" <jkh@time.cdrom.com>
> > Cc: Michael Smith <msmith@atrad.adelaide.edu.au>,
> >     Robert Du Gaue <rdugaue@calweb.com>, security@FreeBSD.ORG
> > Subject: Re: ****HELP***** 
> > 
> > 
> > Actually, what might be nice is to include the MD5's with the system, and 
> > have a script in daily.local that verifies that the key system binaries 
> > are correct.  Obviously then the md5 file would be at risk, but..  This 
> > would also be nice, unrelated to the daily part, after an upgrade to 
> > check if there are any old binaries lying around.
> > 
> > Actually, one thing I was going to ask about was -- is there a difference 
> > between the 2.1.0 binaries for standard executables (eg., pine) and the 
> > 2.0.5 ones?  Is there anyway I can use strings (or something) to get a 
> > list of all the old binaries on my system and upgrade them if needed?
> > 
> > On Sat, 2 Dec 1995, Jordan K. Hubbard wrote:
> > 
> > > > Jordan; how hard would it be to generate a file with the md5's of a sto
ck
> > > > release system's "standard binaries" for this sort of thing?
> > > 
> > > Probably not too hard.  Let me think about it.  You'd want a file
> > > for each distrib, probably.
> > > 
> > > 					Jordan
> >