Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Focus-Microsoft
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: MS binary integrity baseline

from [dave kleiman] Network Security [Permanent Link]
Subject: RE: MS binary integrity baseline
Date: Fri, 20 Aug 2004 17:54:56 -0400 
Chris,

Complete hash sets for all the MSFT OS's and much more exist in
http://www.nsrl.nist.gov/Project_Overview.htm
CD B has all MSFT OS's.  Many MSFT apps exist on the other CD's as well.
See http://www.nsrl.nist.gov/index/mfg.index.txt for a complete list of all
the hash sets.
There are plenty of tools, including Fsum, that you can do a compare against
the list.


______________________________________
Dave Kleiman, CISSP, CISM, CIFI, MCSE
www.SecurityBreachResponse.com


-----Original Message-----
From: Mark Burnett [mailto:mb@xato.net]
Sent: Thursday, August 19, 2004 10:46
To: focus-ms@securityfocus.com
Cc: Chris Conacher
Subject: Re: MS binary integrity baseline



But there's no built-in method to verify hash signatures of files. You can
use a tool like fsum (http://www.slavasoft.com/fsum/) to create and verify
hashes but it isn't easy to directly compare them to the files on the
install CD because the files on the CD are all compressed. You would have to
build a baseline system and compare them to that.  

Hope this helps,
Mark Burnett



On Wed, 18 Aug 2004 16:55:06 +0000, Chris Conacher wrote:

 Dear List
 
 Is there anything that performs binary integrity checks for Windows
 OS such as  rpm does for Redhat or apt does for Debian?
 
 I want something that will check Windows binaries against a trusted
 source - MS site, install cd, etc so that I can determine integrity
 baselines of current production systems before deploying an
 integrity checking application.
 
 I would have thought that this would be something Microsoft would
 provide, but have not seen anything.
 
 Thanks for any input
 
 Chris
 
 _________________________________________________________________
 Express yourself with cool new emoticons
 http://www.msn.co.uk/specials/myemo
 
 
 --------------------------------------------------------------------
 ------- ------------------------------------------------------------
 ---------------




---------------------------------------------------------------------------
---------------------------------------------------------------------------



---------------------------------------------------------------------------
---------------------------------------------------------------------------
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  COM+ with ASP web site on W2K3, Dominic Cadorette
Next by Date:  RE: MS binary integrity baseline, Miroslaw Slawek Chorazy
Previous by Thread:  RE: MS binary integrity baseline, Simon Conant
Next by Thread:  RE: MS binary integrity baseline, Miroslaw Slawek Chorazy
Indexes:  [Date] [Thread] [Top] [All Lists]