Bugtraq mailing list archives
Re: trojans on ftp sites
From: mouse () collatz mcrcim mcgill edu (der Mouse)
Date: Sat, 14 May 1994 22:02:24 -0400
Christopher Klaus put out the idea about changing the archie daemon to detect tampered files [...]The problem is, how would the Archie servers determine the checksums?Easy. modify the 'ls' on each ftp site to automatically do a checksum. [...]
I'd much rather have something like an XCKS command. Proposed syntax: XCKS method pathname where "method" could be something like "CRC16", "MD5", etc, and "pathname" is of course the name of the file whose checksum is desired. I propose that the checksum method name be specced to be case-insensitive. Replies, aside from usual errors like 500 (if XCKS isn't recognized) or 530 (if not logged in): 504 That checksum method not implemented here. 213 xxxx (where xxxx is the appropriate checksum in some typical form, such as hexadecimal - perhaps "method" could say, eg MD5-HEX or MD5-BASE64). Maybe it would be better to use a new code (216, say) rather than overloading 213. der Mouse mouse () collatz mcrcim mcgill edu
Current thread:
- Re: trojans on ftp sites der Mouse (May 14)
- Re: trojans on ftp sites Peter Deutsch (May 14)
- <Possible follow-ups>
- Re: trojans on ftp sites Paul Robinson (May 14)
- Re: your mail Christopher Klaus (May 14)
- Re: trojans on ftp sites smb () research att com (May 14)
- Re: your mail John Macdonald (May 16)
- Re: your mail Steven C. Blair (May 16)
- Re: your mail John Macdonald (May 16)
- Re: your mail Christopher Klaus (May 16)
- Re: your mail Adam Shostack (May 16)
- Re: your mail John Macdonald (May 16)
- Checksums in FTP servers. Scott Northrop (May 16)