Bugtraqmailing list archives
Re: Trojan/backdoor in fragroute 1.2 source distribution
From: uid0 () catastrophe net
Date: Fri, 31 May 2002 10:48:29 -0500
On Fri, 2002-05-31 at 09:55:21 +0200, Anders Nordby wrote...; Although downloading it now seems safe, I think folks should know this.; The changes done were similar to what happened to irssi, but with a; different IP.; ; MD5 sum of fragroute-1.2.tar.gz, downloaded from;http://www.monkey.org/~dugsong/fragroute/ on may 27 (the contaminated; version): 65edbfc51f8070517f14ceeb8f721075; ; MD5 sum of fragroute-1.2.tar.gz, downloaded from;http://www.monkey.org/~dugsong/fragroute/ on may 30 (this is the current; MD5 sum): 7e4de763fae35a50e871bdcd1ac8e23aThis makes one wonder a question that would be best posed to the community;the purpose of MD5/SHA/etc is to provide unequivocal evidence as to the validity of a piece of data. More often than not, such files are kept in the same, vulnerable, location as the actual data. Clearly one can see the downfall of such a system.To what extent have the entities in this forum started to analyze methodsby which to use a "trusted" third party to house such signatures of data?In my mind, it seems evident that a light system might take some of thefunctionaility of the trusted CA model in SSL, and use it to provideguaranteed (as much as one can) signatures.This might be a good discussion for another forum, but I'm curious to knowif anything as such is being done.-#0
Current thread:
- Trojan/backdoor in fragroute 1.2 source distributionAnders Nordby (May 31)
- Re: Trojan/backdoor in fragroute 1.2 source distributionuid0 (May 31)
- Re: Trojan/backdoor in fragroute 1.2 source distributionDug Song (May 31)