Rootkit

[Manuel Arostegui Ramirez]

On Tuesday 23 October 2007 08:19:30 bob.smith at kolumbus.fi wrote:
>
> The idea was to create sort of(in some way) "encrypted and protected"
> executables. This to be able to verify that an executable is what it
> is(located on machine X, and compiled on machine x). Further, the
> executable would be made so that it could not run on a system on which it
> was not allowed to run. That was the basis of the idea. Purely theoretical.
> How this could be achieved in reality is beyond my current knowledgebase,
> but I am sure that someone else with more knowledge in encryption and
> protection than me, could maybe analyse this further.
>

A small approach to this, I mean to be sure that the executable is the one you 
installed firstly, could be getting the filehash of all the binaries 
installed from the beggining storing all the values in a database (outside 
from that box) and then if you think you could be hacked, just run again the 
filehash and compare it with the original one you got...

Again, this is an small approach, just an idea.

Cheers
Manuel
-- 
Manuel Arostegui Ramirez.

Electronic Mail is not secure, may not be read every day, and should not
be used for urgent or sensitive issues.