OpenBSD Journal

How does the GNU FTP server compromise affect ports?

Contributed by jose on from the checksums-are-just-for-this-purpose dept.

anonymous writes: "after the recent compromise of the GNU FTP server, I have been concerned about the integrity of my systems.

how does this affect both the base system and ports? since the intruder had root access on the box, checksums should mean a big zero, what does one do to make sure their beloved boxes are safe?"

Don't forget that the checksums the ports tree uses are held on OpenBSD servers, not the compromised distfile server. Secondly, the checksums are widely distributed, so someone is bound to spot it (as they did with other backdoored distfiles). Thirdly, this is exactly what the systrace patch for the ports tree is for.

(Comments are closed)

  1. By jose () on

    i was affected by the blackout and busy at work this week, hence i didn't get much posted. thanks for understanding ...

    1. By Nate () on

      My power was out too, really sucked. Not only no computer, but after a while no light to read or play board/card games.

      Also a bit of a pain to have to throw out food that may/may not be good still/ever.

    2. By krh () on

      You do a great job, blackout or no. Please keep up it up, and thanks!

    3. By Anonymous Coward () on

      OpenBSD doesn't protect against that type of DoS attack?!? Ouch, that is a crippling bombshell for this beleaguered communi^&3-xx*



Copyright © - Daniel Hartmeier. All rights reserved. Articles and comments are copyright their respective authors, submission implies license to publish on this web site. Contents of the archive prior to as well as images and HTML templates were copied from the fabulous original with Jose's and Jim's kind permission. This journal runs as CGI with httpd(8) on OpenBSD, the source code is BSD licensed. undeadly \Un*dead"ly\, a. Not subject to death; immortal. [Obs.]