Re: malware defense

Peter T. Breuer (ptb@it.uc3m.es)
Sat, 4 Dec 1999 12:44:52 +0100 (MET)

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Keith Owens: "Re: Putting PCI-class/vendor/deviceinfo into source of PCI-drivers"
Previous message: Martin Mares: "Re: Putting PCI-class/vendor/deviceinfo into source of PCI-drivers"

"A month of sundays ago Jeffrey B. Siegal wrote:"
>
> "Robert G. Brown" wrote:
> > Sure, for one box. How about for 200?
>
> You can boot them over the network using (non-software-reprogrammable) boot
> proms that cryptographically authenticate the boot server.

It may be relevant, or it may not, but I run md5sums of all machines
everyday from a different machine, over nfs, and compare the diffs.
Majority voting wins. Typical output ...

There are 125 scanned files that differ between machines

--------------------------------------------------------------------
/bin/domainname: (15) 77d51d8bbca9428254e2cc1d3839861b
: lm001 lm003 lm004 lm006 lm007 lm008 lm009 lm010 lm011 lm012 lm013 lm014 lm015 lm016 lm017
/bin/domainname: (1) 89e76ca15526f88339bfaaa73a80a076
: lm002
Suggested actions
: rsh lm001; scp -p /bin/domainname root@lm002:/bin/
--------------------------------------------------------------------
...

(the result of a failed remote upgrade on lm002. lm005 was down)

Peter
: lm001 lm003 lm004 lm006 lm007 lm008 lm009 lm010 lm011 lm012 lm013 l

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/

Next message: Keith Owens: "Re: Putting PCI-class/vendor/deviceinfo into source of PCI-drivers"
Previous message: Martin Mares: "Re: Putting PCI-class/vendor/deviceinfo into source of PCI-drivers"