[dundee] Red Hat hack prompts critical OpenSSH update | The Register
Lee Hughes
toxicnaan at yahoo.co.uk
Mon Aug 25 12:34:27 UTC 2008
So how exactly does one , first break into the server? okay, I can believe that,
but then they are able to sign packages with red hats keys?
that's sound a bit weird? Have red hat been sloppy with their key management?
keylogger?
now that's interesting?
Any idea's....
--- On Mon, 25/8/08, Andrew Clayton <andrew at digital-domain.net> wrote:
From: Andrew Clayton <andrew at digital-domain.net>
Subject: Re: [dundee] Red Hat hack prompts critical OpenSSH update | The Register
To: dundee at lists.lug.org.uk
Date: Monday, 25 August, 2008, 11:08 AM
On Mon, 25 Aug 2008 09:58:25 +0100, R J Ladyman wrote:
> You might have seen this, of course
>
> http://www.theregister.co.uk/2008/08/22/red_hat_systems_hacked/
If you have any RHEL 4 or 5 machines (i386 or x86_64) then you'll want
to run the openssh-blacklist script from
http://www.redhat.com/security/data/openssh-blacklist.html to check you
haven't got any suspect packages installed.
Andrew
_______________________________________________
dundee GNU/Linux Users Group mailing list
dundee at lists.lug.org.uk http://dundee.lug.org.uk
https://mailman.lug.org.uk/mailman/listinfo/dundee
Chat on IRC, #tlug on dundee.lug.org.uk
Send instant messages to your online friends http://uk.messenger.yahoo.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.lug.org.uk/pipermail/dundee/attachments/20080825/264ec6fd/attachment.htm
More information about the dundee
mailing list