Date: Sat, 12 Jun 2004 17:45:29 +0400 From: Alex Povolotsky <tarkhil@webmail.sub.ru> To: freebsd-security@freebsd.org Subject: Re: Hacked or not appendice Message-ID: <20040612174529.0dc73ac9@tarkhil.over.ru> In-Reply-To: <20040612130307.2c4483cb.thib@mi.is> References: <019101c45072$a8b9cfe0$3501a8c0@pro.sk> <20040612130307.2c4483cb.thib@mi.is>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sat, 12 Jun 2004 13:03:07 +0000 Thordur Ivar <thib@mi.is> wrote: TI> I have on a CD a number of binarys ( sources actually ) ( e.g. ls, TI> find, grep, awk, sed, locate e.t.c. ) and when I belive that a TI> machine has been cracked I remove the network cable from that TI> machine and mount the cdrom build the sources and start looking. If TI> I need something in that process I put it on my USB memstick from a TI> 'trusted machine' and move it by hand over. When I was unable to do the same thing, I've recompiled md5 tool from freshly fetched sources and used it to test utilities. I don't beleive in attacker catching thr build process transparently... -- Alex.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20040612174529.0dc73ac9>