IOS Rootkit: the sky isn't falling (yet)

Valdis.Kletnieks at vt.edu
Tue May 27 17:35:41 UTC 2008


On Tue, 27 May 2008 11:24:19 MDT, Chris Grundemann said:

> Like MD5 File Validation? - "MD5 values are now made available on
> Cisco.com for all Cisco IOS software images for comparison against
> local system image values."

That does wonders for catching a corruption in the FTP that wasn't caught
by the relatively weak TCP checksumming.

But if the attacker has the wherewithal to cause a modified file to be
downloaded (either by replacing it on the real server, or getting you to
visit a fake server), they can also present you with a webpage that has an
MD5 hash that matches the modified file.

Now, if they provided a PGP signature of the file, done with a key that I
have reason to trust, *that* raises the bar significantly...
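
Added example, not part of the original message: a small model of the argument above, comparing a hash read from the download site with a detached signature checked against a key pinned out of band. The toy RSA key stands in for a PGP key, and the file contents, key values and function names are all constructed for illustration.

```python
import hashlib

# Toy RSA key built from two Mersenne primes: a stand-in for a PGP key, far too
# small for real use. The vendor keeps D private; (N, E) is the public key the
# downloader obtained out of band and pinned. All values here are constructed.
P, Q, E = 2**127 - 1, 2**107 - 1, 65537
N, D = P * Q, pow(E, -1, (P - 1) * (Q - 1))


def digest_int(data: bytes) -> int:
    """SHA-256 of the file reduced mod N (no padding: illustration only)."""
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % N


def vendor_sign(data: bytes) -> int:
    return pow(digest_int(data), D, N)


def md5_check(data: bytes, published_md5: str) -> bool:
    """Compare against a hash read from the same site that served the file."""
    return hashlib.md5(data).hexdigest() == published_md5


def signature_check(data: bytes, signature: int, pinned_key=(N, E)) -> bool:
    """Verify against the pinned public key, not anything the site supplies."""
    n, e = pinned_key
    return pow(signature, e, n) == digest_int(data)


def fetch(server_compromised: bool):
    """Model one download: returns (image, published MD5, detached signature)."""
    genuine = b"constructed sample image v1"
    sig = vendor_sign(genuine)          # made offline by the vendor
    if not server_compromised:
        return genuine, hashlib.md5(genuine).hexdigest(), sig
    modified = b"constructed sample image v1 + changes"
    # Whoever controls the server controls the hash page too; the only
    # signature they can offer is the old one, since they lack D.
    return modified, hashlib.md5(modified).hexdigest(), sig


def verdicts(server_compromised: bool):
    """Return (md5_ok, signature_ok) for one modelled download."""
    image, md5_hex, sig = fetch(server_compromised)
    return md5_check(image, md5_hex), signature_check(image, sig)


if __name__ == "__main__":
    for compromised in (False, True):
        print("compromised server:", compromised, verdicts(compromised))
```

The MD5 comparison passes in both cases; only the check against the pinned key tells the two downloads apart.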