North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: IOS Rookit: the sky isn't falling (yet)
On Tue, 27 May 2008 11:24:19 MDT, Chris Grundemann said: > Like MD5 File Validation? - "MD5 values are now made available on > Cisco.com for all Cisco IOS software images for comparison against > local system image values." That does wonders for catching a corruption in the FTP that wasn't caught by the relatively weak TCP checksumming. But if the attacker has the wherewithal to cause a modified file to be downloaded (either by replacing it on the real server, or getting you to visit a fake server), they can also present you with a webpage that has an MD5 hash that matches the modified file. Now, if they provided a PGP signature of the file, done with a key that I have reason to trust, *that* raises the bar significantly... Attachment:
pgp00005.pgp
|