[comp.os.vms] Image checksums

adelman@LBL.ARPA (Kenneth Adelman) (08/06/87)

	The LOGINOUT.EXE checksums likely differ from machine-to-machine
because this image was patched as part of an upgrade. PATCH writes the
date and time of the patch into the image, so you would expect no two
patches of the same image to end up with the same two checksums.

	SHOW.EXE (probably) wasn't ever patched as part of an upgrade,
hence the same checksum.

						Kenneth Adelman
						LBL

ted@MITRE-BEDFORD.ARPA (08/07/87)

In regards to LOGINOUT.EXE checksums; I *think* that there are
different versions of LOGINOUT depending on the maximum number of
logins that your system allows.  When perusing an n-user key tape a
while ago, all that I remember seeing was LOGINOUT.EXE.

--ted
Please, blast me, not the net, if I'm wrong.
+-----------------------------------------------------------------------------+
|Arpa:  ted@mitre-bedford.arpa |  So much time and so little to do...         |
|Snail: The MITRE Corporation  |                          -Willy Wonka        |
|       Burlington Road        |                                              |
|       Mail Stop B015         |  The views expressed herein are that of      |
|       Bedford MA, 01730      |  my employer and not necessarily my own.     |
|DDD:   (617) 271-2524         |  Whoops, reverse that.                       |
+-----------------------------------------------------------------------------+

LEICHTER-JERRY@YALE.ARPA (08/10/87)

    	The LOGINOUT.EXE checksums likely differ from machine-to-machine
    because this image was patched as part of an upgrade. PATCH writes the
    date and time of the patch into the image, so you would expect no two
    patches of the same image to end up with the same two checksums.

This problem can be avoided by using CHECKSUM/IMAGE rather than just plain
CHECKSUM.  CHECKSUM/IMAGE, even less well-known than CHECKSUM:

	- Looks only at the relevant parts of the image, ignoring things
		like patch dates;
	- Types out its results, rather than setting CHECKSUM$CHECKSUM;
	- Accepts wild-card file specs, with default file type .EXE.

HOWEVER, LOGINOUT.EXE actually varies a bit from system to system:  It's
different on VMS and MicroVMS systems because of the multi-user-license
restrictions on MicroVMS, and applying different "number of users" licenses
also produces different images.  So even CHECKSUM/IMAGE will show variations
on LOGINOUT from system to system - though it should probably produce the
same result on all VMS (as opposed to MicroVMS) systems.


		 I M P O R T A N T   C A U T I O N

		DON'T PUT YOUR FAITH IN CHECKSUM!!!

CHECKSUM was NOT intended to be used in security applications.  Its algorithm
is very simple - basically it just considers the file to consist of a bunch of
4-byte integers and adds them up.  It is very easy to ensure that the checksum
on a file remains unchanged even as you replace it completely.  There do exist
"cryptographic checksums" with the property that it is very difficult to make
the checksum come out to some pre-specified value.  One, based on DES, is
approved for this kind of use in banking applications.  A PD DES encryption
package, with a user interface that supports this checksum mode, has been
distributed through Usenet.  (The copy I picked up is "Programmed by R.W.
Outerbridge; uses Jim Gillogly's DES".)  It needs work for effective use on
VMS, and, of course, comes with no guarantees.
							-- Jerry
-------
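
The caution in the last post, as an added example that is not part of the original thread: a checksum that just adds 4-byte integers compares equal for two completely different files, while a keyed cryptographic checksum does not. The little-endian word order, zero-padding and modulo 2**32 wrap are assumptions, the sample bytes and key are constructed, and HMAC-SHA256 stands in for the DES-based checksum the post mentions.

```python
import hashlib
import hmac
import struct

MASK = 0xFFFFFFFF  # assumed: the sum wraps at 32 bits


def _pad4(data: bytes) -> bytes:
    """Zero-pad to a multiple of 4 bytes (an assumption of this sketch)."""
    return data + b"\x00" * (-len(data) % 4)


def additive_checksum(data: bytes) -> int:
    """Treat the file as 4-byte integers and add them up, as the post describes."""
    total = 0
    for (word,) in struct.iter_unpack("<I", _pad4(data)):
        total = (total + word) & MASK
    return total


def same_sum_variant(data: bytes, target: int) -> bytes:
    """Show the weakness: one trailing word brings any content to `target`."""
    data = _pad4(data)
    fix = (target - additive_checksum(data)) & MASK
    return data + struct.pack("<I", fix)


def keyed_checksum(key: bytes, data: bytes) -> str:
    """Keyed cryptographic checksum (HMAC-SHA256, a stand-in for the DES MAC)."""
    return hmac.new(key, data, hashlib.sha256).hexdigest()


# Constructed sample data: not real VMS image bytes, not a real key.
ORIGINAL = b"constructed stand-in for a trusted image file"
REPLACED = same_sum_variant(b"entirely different contents", additive_checksum(ORIGINAL))
KEY = b"constructed-demo-key"


def baseline_report() -> dict:
    """Compare the two files the way an integrity baseline would."""
    return {
        "additive_match": additive_checksum(ORIGINAL) == additive_checksum(REPLACED),
        "keyed_match": hmac.compare_digest(
            keyed_checksum(KEY, ORIGINAL), keyed_checksum(KEY, REPLACED)),
    }


if __name__ == "__main__":
    print(baseline_report())
```

An integrity baseline built on the additive sum reports the replaced file as unchanged; the keyed checksum flags it, provided the key and the recorded values are stored where the person replacing the file cannot reach them.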