[SLUG] FW: Linux under attack

Adams, Jamie JAMIE.ADAMS at HOMEGROUP.ORG.UK
Mon Nov 18 13:38:01 GMT 2002 

Jamie Adams
Housing Assistant
Scarborough

For info:

> ----------
> From: 	Johng[SMTP:johng at surfshop.net.ph]
> Reply To: 	nelug at mailman.lug.org.uk
> Sent: 	18 November 2002 13:19
> To: 	Linux NE User Group
> Subject: 	[Nelug] Linux under attack
> 
> Look out guys, Linux is now the system for crackers to attack.
> 
> Use them there MD5 checksums, or do the crackers crack them as well?
> 
> Johng
> 
> Linux utility site hacked, infected
>  
> http://zdnet.com.com/2100-1105-965800.html
> 
> The download site for two very common Linux based utilities,
> tcpdump.org, was hacked into on Nov. 11, and the software available for
> download was modified to contain Trojan Horse code. 
> 
> This Trojan Horse, or "back door" software allows the hacker that wrote
> it to access any machine on which the modified software is run. 
> 
> 
> The two software items affected are tcpdump and libpcap, tools commonly
> used in information security applications. Some Intrusion Detection
> System (IDS) software requires libpcap. 
> 
> 
> This is the most recent in a string of similar attacks. Sendmail, one of
> the most widely used e-mail server software packages, was also
> "trojaned" recently. Others affected in recent months have included
> OpenSSH, the secure remote access software, and even Fragroute, a hacker
> utility. 
> 
> 
> The identity of the hacker conducting this campaign is unknown, as is
> whether a connection exists between the separate incidents. 
> 
> 
> CERT released an advisory in which they ".encourage sites using libpcap
> and tcpdump to verify the authenticity of their distribution, regardless
> of where it was obtained." 
> 
> 
> CERT provided the information necessary to determine the authenticity of
> any libpcap or tcpdump software recently downloaded. The advisory also
> encourages users to verify all software before installing it. "As a
> matter of good security practice, the CERT/CC encourages users to
> verify, whenever possible, the integrity of downloaded software." 
> 
> 
> 
--------------------------------------------------------------------------------------------------------------------
This message is intended only for the use of the person(s) ("Intended Recipient") to whom it is addressed. It may contain information, which is privileged and confidential. Accordingly any dissemination, distribution, copying or other use of this message or any of its content by any person other than the Intended Recipient may constitute a breach of civil or criminal law and is strictly prohibited. If you are not the Intended Recipient, please contact the sender as soon as possible.

________________________________________________________________________
This e-mail has been scanned for all viruses by Star Internet. The
service is powered by MessageLabs. For more information on a proactive
anti-virus service working around the clock, around the globe, visit:
http://www.star.net.uk
________________________________________________________________________

More information about the Scarborough mailing list