From owner-freebsd-security@FreeBSD.ORG Sat Jun 12 13:46:34 2004 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 989FA16A4CE for ; Sat, 12 Jun 2004 13:46:34 +0000 (GMT) Received: from techno.sub.ru (webmail.sub.ru [213.247.139.22]) by mx1.FreeBSD.org (Postfix) with SMTP id 5BA7743D48 for ; Sat, 12 Jun 2004 13:46:33 +0000 (GMT) (envelope-from tarkhil@webmail.sub.ru) Received: (qmail 46512 invoked by uid 0); 12 Jun 2004 13:45:32 -0000 Received: from webmail.sub.ru (HELO tarkhil.over.ru) (213.247.139.22) by techno.sub.ru with SMTP; 12 Jun 2004 13:45:32 -0000 Date: Sat, 12 Jun 2004 17:45:29 +0400 From: Alex Povolotsky To: freebsd-security@freebsd.org Message-Id: <20040612174529.0dc73ac9@tarkhil.over.ru> In-Reply-To: <20040612130307.2c4483cb.thib@mi.is> References: <019101c45072$a8b9cfe0$3501a8c0@pro.sk> <20040612130307.2c4483cb.thib@mi.is> Organization: sub.ru X-Mailer: Sylpheed version 0.9.9claws (GTK+ 1.2.10; i386-portbld-freebsd4.8) Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Subject: Re: Hacked or not appendice X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 12 Jun 2004 13:46:34 -0000 On Sat, 12 Jun 2004 13:03:07 +0000 Thordur Ivar wrote: TI> I have on a CD a number of binarys ( sources actually ) ( e.g. ls, TI> find, grep, awk, sed, locate e.t.c. ) and when I belive that a TI> machine has been cracked I remove the network cable from that TI> machine and mount the cdrom build the sources and start looking. If TI> I need something in that process I put it on my USB memstick from a TI> 'trusted machine' and move it by hand over. When I was unable to do the same thing, I've recompiled md5 tool from freshly fetched sources and used it to test utilities. I don't beleive in attacker catching thr build process transparently... -- Alex.