Date: Fri, 2 Jan 2009 20:04:10 +0100 (CET) From: Wojciech Puchar <wojtek@wojtek.tensor.gdynia.pl> To: cpghost <cpghost@cordula.ws> Cc: freebsd-questions@freebsd.org, Matt <datahead4@gmail.com> Subject: Re: Foiling MITM attacks on source and ports trees Message-ID: <20090102200221.K39573@wojtek.tensor.gdynia.pl> In-Reply-To: <20090102180524.GA1742@phenom.cordula.ws> References: <20090102164412.GA1258@phenom.cordula.ws> <cd6b4a5b0901020926t11dc7817j74e44cf61980f262@mail.gmail.com> <20090102180524.GA1742@phenom.cordula.ws>
next in thread | previous in thread | raw e-mail | index | archive | help
> It's a beginning for sure. I assume (403 error) Max generates and > saves digests on his snapshots and the verification script does the > same locally and simply compares both lists. > it's plain paranoia. Yes such attacks are possible but usually there 100 other ways to compromise Your systems. if one really care then make your VPN for all your computers, use one that is unknown for others to download portsnap etc. and then use rsync to populate it to other machines.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20090102200221.K39573>