MISP
/
misp-packer
mirror of https://github.com/MISP/misp-packer
2
0
Fork 0
Code Issues Releases Wiki Activity

chg: [doc] Added verify.txt completeness

pull/23/head
Steve Clement 2019-05-16 09:24:51 +09:00
parent ee625d48d3
commit e36402b704
1 changed files with 70 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

76
verify.txt
View File

@ -20,8 +20,9 @@ Download the OVA and the ASC into the same directory.
On the command line verify the PGP signature first, example:
$ gpg --verify MISP_v2.4.107@latest.ova.asc MISP_v2.4.107@latest.ova
TODO: Include output.
gpg: Signature made Wed 15 May 2019 07:04:42 PM JST
gpg: using RSA key EDEC891834F20B13
gpg: Good signature from "CIRCL MISP (CIRCL MISP VM Release Key) <misp-vm@circl.lu>" [ultimate]
3. Download SFV files
@ -29,14 +30,38 @@ Now download the checksum file and its signature, and verify.
$ wget https://www.circl.lu/misp-images/MISP_v2.4.107@latest-CHECKSUM.sfv
$ wget https://www.circl.lu/misp-images/MISP_v2.4.107@latest-CHECKSUM.sfv.asc
$ gpg --verify /MISP_v2.4.107@latest-CHECKSUM.sfv.asc MISP_v2.4.107@latest-CHECKSUM.sfv
$ gpg --verify MISP_v2.4.107@latest-CHECKSUM.sfv.asc MISP_v2.4.107@latest-CHECKSUM.sfv
gpg: Signature made Wed 15 May 2019 07:15:10 PM JST
gpg: using RSA key EDEC891834F20B13
gpg: BAD signature from "CIRCL MISP (CIRCL MISP VM Release Key) <misp-vm@circl.lu>" [ultimate]
If you get a BAD signature, please download again.
Next, use rhash or go with the manual way.
rhash
-----
$ rhash -c MISP_v2.4.107@latest-CHECKSUM.sfv
$ cat MISP_v2.4.107@latest-CHECKSUM.sfv |sed 's/@\(.*\)-/@latest-/g' |sed 's/@\(.*\).ova/@latest.ova/g' |rhash -c -v --percents -
--( Verifying MISP_v2.4.107@latest-CHECKSUM.sfv )-------------------------------
MISP_v2.4.107@latest-VMware.zip OK
MISP_v2.4.107@latest.ova OK
--------------------------------------------------------------------------------
Everything OK
Manual (not recommended)
------------------------
Take any file you want to verify, with sha1-sum for example.
$ shasum MISP_v2.4.107@8a51109.nvram | cut -f 1 -d\ |grep -o -i -f - MISP_@8a51109.sfv
D3A2EBF751E31C6972F89DEC4F57D69C4681A142
If you get back a shasum, it worked, the file is safe and sound.
Now you could do this, for all files, for all the checksums (sha1/256/384/512) OR just use rhash.
Verify VMware
-------------
@ -50,7 +75,46 @@ Download the ZIP and the ASC into the same directory.
On the command line verify the PGP signature first, example:
$ gpg --verify MISP_v2.4.107@latest-VMware.zip.asc MISP_v2.4.107@latest-VMware.zip
gpg: Signature made Wed 15 May 2019 07:04:42 PM JST
gpg: using RSA key EDEC891834F20B13
gpg: Good signature from "CIRCL MISP (CIRCL MISP VM Release Key) <misp-vm@circl.lu>" [ultimate]
TODO: Include output.
Do step number 3 from above.
Do steps number 3 from above.
$ unzip MISP_v2.4.107@latest-VMware.zip
Archive: MISP_v2.4.107@latest-VMware.zip
inflating: VMware/disk-s001.vmdk
inflating: VMware/disk-s002.vmdk
inflating: VMware/disk-s003.vmdk
inflating: VMware/disk-s004.vmdk
inflating: VMware/disk-s005.vmdk
inflating: VMware/disk-s006.vmdk
inflating: VMware/disk-s007.vmdk
inflating: VMware/disk.vmdk
inflating: VMware/MISP_v2.4@8a51109.sfv
inflating: VMware/MISP_v2.4.107@8a51109.nvram
extracting: VMware/MISP_v2.4.107@8a51109.vmsd
inflating: VMware/MISP_v2.4.107@8a51109.vmx
inflating: VMware/MISP_v2.4.107@8a51109.vmxf
$ cd VMware
$ rhash -c -v --percents MISP_v2.4@8a51109.sfv
Config file: /etc/rhashrc
--( Verifying MISP_v2.4@8a51109.sfv )-----------------------------------------------
disk-s001.vmdk OK
disk-s002.vmdk OK
disk-s003.vmdk OK
disk-s004.vmdk OK
disk-s005.vmdk OK
disk-s006.vmdk OK
disk-s007.vmdk OK
disk.vmdk OK
MISP_v2.4.107@8a51109.nvram OK
MISP_v2.4.107@8a51109.vmsd OK
MISP_v2.4.107@8a51109.vmx OK
MISP_v2.4.107@8a51109.vmxf OK
--------------------------------------------------------------------------------
Everything OK
You can be more or less confident that verything is fine.