Re: status: hints on how to check your machine forintrusion

From: Andy
Date: Sat Oct 01 2011 - 23:31:26 EST

On Sat, Oct 01, 2011 at 07:26:43PM -0700, Greg KH wrote:
> On Sat, Oct 01, 2011 at 09:58:38PM -0400, tmhikaru@xxxxxxxxx wrote:
> > Any way we could get something like this verification done for the
> > 3.0.x stable kernels? I'm currently stuck without any way known to me to
> > verify that any of the patches I downloaded from before it went
> > down are actually correct.
> I already sent a signed copy of the 3.0.4 patch that applies on top of
> the 3.0 kernel to the linux-kernel mailing list a few days ago.
> That should be fine for what you need right now, right?
> greg k-h


Would it be possible for you to build on the great work already done by
Willy and provide the signature's he missed (they cluster around the more
recent branches which happen to be the tarballs most likely to have been
downloaded during the intrusion window).

Maybe it makes sense to generate sha-256 fingerprints, as H. Peter says,
rather than the less collision-resistant md5.

Very few people probably have as complete a local git repo as you do.

~ Andy

To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at
Please read the FAQ at