Home > Articles > Security > Network Security

  • Print
  • + Share This
From the author of

1: Document and Verify Characterization Trust Assumptions

During the process of generating all characterization information (for both baselining and comparison purposes), explicitly document trust assumptions and continually verify that the results can be trusted. Trust assumptions will likely address these areas:

  • Operating system kernel (loaded from virus-free, secure distribution media)

  • Media where characterization tools are stored and from which they are installed

  • Cryptographic checksums and other authoritative reference data that constitute characterization data

For example, in support of generating cryptographic checksums, the MD5 program generates a unique, 128-bit cryptographic message digest value derived from the contents of a file. This value is considered to be a highly reliable fingerprint that can be used to verify the integrity of the file's contents. If as little as a single bit value in the file is modified, the MD5 checksum for the file changes. Forgery of a file in a way that causes MD5 to generate the same result as that for the original file is considered extremely difficult.

A set of MD5 checksums for critical system, application, and data files provides a compact way of storing information for use in periodic integrity checks of these files.

Details for the MD5 cryptographic checksum program are provided in RFC 1321. Source code and additional information are available via FTP from http://userpages.umbc.edu/~mabzug1/cs/md5/md5.html.

  • + Share This
  • 🔖 Save To Your Account