From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <gentoo-dev-return-5629-arch-gentoo-dev=gentoo.org@gentoo.org>
Received: (qmail 18176 invoked by uid 1002); 14 Aug 2003 13:56:54 -0000
Mailing-List: contact gentoo-dev-help@gentoo.org; run by ezmlm
Precedence: bulk
List-Post: <mailto:gentoo-dev@gentoo.org>
List-Help: <mailto:gentoo-dev-help@gentoo.org>
List-Unsubscribe: <mailto:gentoo-dev-unsubscribe@gentoo.org>
List-Subscribe: <mailto:gentoo-dev-subscribe@gentoo.org>
List-Id: Gentoo Linux mail <gentoo-dev.gentoo.org>
X-BeenThere: gentoo-dev@gentoo.org
Received: (qmail 934 invoked from network); 14 Aug 2003 13:56:54 -0000
From: Ned Ludd <solar@gentoo.org>
Reply-To: solar@gentoo.org
To: gentoo-dev@gentoo.org, gentoo-hardened@gentoo.org
In-Reply-To: <200308141226.10856.pauldv@gentoo.org>
References: <1060793784.24922.2243.camel@simple>
	 <20030814050327.GF2331%chutz@gg3.net> <200308132300.15639.fava@gentoo.org>
	 <200308141226.10856.pauldv@gentoo.org>
Content-Type: text/plain
Organization: Gentoo Linux Developer (Hardened)
Message-Id: <1060869522.9502.2288.camel@simple>
Mime-Version: 1.0
X-Mailer: Ximian Evolution 1.4.3 
Date: 14 Aug 2003 09:58:42 -0400
Content-Transfer-Encoding: 7bit
Subject: Re: [gentoo-dev] The Free Software Foundation's FTP site at
	ftp.gnu.org has been"compromised"
X-Archives-Salt: 825a5a6d-1a77-4434-b9d9-38907ee0fe79
X-Archives-Hash: 5ba5de71ce835bc8624198092ea9a5b9

FSF posted a summary of what happend to them here
http://ftp.gnu.org/MISSING-FILES.README

I compared the md5sum's of the files I had in my (2.1 G) distfiles to
the md5sums they posted and they all matched thankfully.

heres a url to the simple bash script I used to compare the checksums
http://dev.gentoo.org/~solar/gnu.md5sum.check

On Thu, 2003-08-14 at 06:26, Paul de Vrieze wrote:
> On Thursday 14 August 2003 08:00, Fred Van Andel wrote:
> > On August 13, 2003 10:03 pm, Georgi Georgiev wrote:
> > > > I dont have time now (I am at work) but can someone check the
> > > > dates of the affected files to see if they are potentially
> > > > suspect?
> > >
> > > Not good enough, is it? One can use "touch" to set the date to
> > > anything they want.
> >
> > Yes you can, but only a truly incompetent cracker would set the date
> > to be anything other than the date of the original file. The idea
> > is to hide the fact that the file has changed, not broadcast it.
> 
> I think it is better to look when the specific digest was added to cvs. As far 
> as I know our cvs has not been compromised.
> 
> Paul
-- 
Ned Ludd <solar@gentoo.org>
Gentoo Linux Developer (Hardened)


--
gentoo-dev@gentoo.org mailing list