fs at WPI.EDU
Mon Feb 14 18:46:20 GMT 2005
On Sun, Feb 13, 2005 at 10:20:01PM -0500, Hill, Dan wrote:
> Yes, we are using Bart's PE, and we are using MD5. But to do a thorough
> job, the tool would need to include the MD5 hashes of each file patched
> by Microsoft. Maintaining an XML database of MD5 hashes for every file
> that MS ships is definitely a job for Microsoft. Also, tracing the boot
> sequence for a hard drive from an external boot CD is not so easy.
Instead of or in addition to checking against an MD5 list, why not also try
sigverif.exe to check the digital certificates on system files?
Frank Sweetser fs at wpi.edu
WPI Network Engineer
GPG fingerprint = 6174 1257 129E 0D21 D8D4 E8A3 8E39 29E3 E2E8 8CEC
More information about the unisog