NOTICE: [CERT Advisory CA-2003-21 GNU Project FTP Server Compromise]
Chris Larsen
darth at vader.dk
Thu Aug 14 02:14:33 PDT 2003
Hi All
As many may have noticed the GNU Project's FTP server had been compromised as
outlined in this CERT advisory[1].
I felt the urge to quickly hack together a small perl script to check my
distfiles against the published md5 sums from FSF.
Using this file as reference: ftp://ftp.gnu.org/before-2003-08-01.md5sums.asc
(Check and Verify the PGP signature ![1])
[1] Full CERT advisory : http://www.cert.org/advisories/CA-2003-21.html
-*-*-*-
Attached is a gzipped perl program to check ports/distfiles GNU archives
against the above file and indicate OK or WARNING status.
This script is provided in hope that people may find it useful.
PS: I know already now it has some shortcommings and is not fully regression
tested, but it fullfilled my purposes.
--
Chris Larsen
"Make something idiot proof,
and someone will invent a better idiot."
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 447 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-security/attachments/20030814/f4589d6c/attachment.bin
More information about the freebsd-security
mailing list