Yeah that's what I do with all the freenet packages on my server. Explorer has caused a general protection fault in module kernel32.dll. I'm sick of Winblows! ----- Original Message ----- From: "Igor Gueths" <igueths@xxxxxxxxx> To: <speakup at braille.uwo.ca> Sent: Wednesday, November 13, 2002 8:04 PM Subject: Re: [pehrens at ligo.caltech.edu: Re: Nmap *NOT* affected by libpcap trojan] > Also if you digitally sign a file make sure there's some kind of > convention established for what encryption algorithm (s)/decrypters are > used. For example, have a note about gnupg is required to varify the > signature, etc. I know knerlel.org, for a fact, digitally signs some of > their files. Especially the source tree for the stable kernels, and I > think for developmental as well. > > May you code in the power of the source, > may the kernel, libraries, and utilities be with you, > throughout all distributions until the end of the epoch. > > On Wed, 13 Nov 2002, Alex Snow wrote: > > > Yeah that's why it's getting increasingly important to digitally sign files > > before releasing them, so that way you can tell if someone screwed witht he > > file. > > Explorer has caused a general protection fault in module kernel32.dll. I'm > > sick of Winblows! > > ----- Original Message ----- > > From: "Scott Howell" <showell at lrxms.net> > > To: <speakup at braille.uwo.ca> > > Sent: Wednesday, November 13, 2002 7:07 PM > > Subject: [pehrens at ligo.caltech.edu: Re: Nmap *NOT* affected by libpcap > > trojan] > > > > > > > Folks, I am subscribed to the list about Nmap. This info might e very > > > interesting to folks. I have not had a chance to verify all the info nor > > > have I seen anything from Bug Track, but that could be more a problem > > > with not geting mail from my ISP. In any case, if anyone does know more, > > > please share. > > > > > > tnx > > > > > > > > > ----- Forwarded message from Philip Ehrens > > <pehrens at ligo.caltech.edu> ----- > > > > > > Mailing-List: contact nmap-hackers-help at insecure.org; run by ezmlm > > > From: Philip Ehrens <pehrens at ligo.caltech.edu> > > > To: Fyodor <fyodor at insecure.org> > > > Cc: nmap-hackers at insecure.org > > > Subject: Re: Nmap *NOT* affected by libpcap trojan > > > Mail-Followup-To: Philip Ehrens <pehrens at lrxms.net>, > > > Fyodor <fyodor at insecure.org>, nmap-hackers at insecure.org > > > > > > I would like to point out that the type of trojan described below > > > is becoming increasingly common. ftp.sendmail.org was compromised > > > recently and a similar trojan was placed in the sendmail source > > > tarball. > > > > > > I know of at least 12 common packages that have had their source > > > tarballs compromised within the last 3 months on servers that were > > > considered secure. The folks doign this have gone as far as to > > > hijack DNS and root machines on specific subnets in order to place > > > this type of trojan. > > > > > > These trojans are activated during te build process of the source > > > tarball in most cases, usually the configure script contains some > > > variation of code that establishes a connection to a remote machine. > > > > > > I believe that the folks doing this are actually trying to catch > > > certain specific machines or subnets, and are not doing this to > > > set up DDOS or just to own large numbers of boxes. When I activated > > > one of these trojans while building a package all that happened was > > > that my /etc/passwd file was shipped off. The machine listening on > > > the other end never did anything except stay connected for a while. > > > > > > I expect to see more and more of this at an accellerating rate > > > from now on... if you are letting root make remote connections > > > you are asking for trouble! > > > > > > Sorry for using your list for this Fyodor, I won't do it again. > > > > > > Phil > > > > > > Fyodor wrote: > > > > I just wanted to send out a quick note that the version of libpcap > > > > shipped with Nmap does NOT contain the trojan described at: > > > > > > > > http://hlug.fscker.com/ > > > > > > http://slashdot.org/article.pl?sid=02/11/13/1255243&mode=nested&tid=172&thre > > shold=3 > > > > > > > > Cheers, > > > > -F > > > > > > -------------------------------------------------- > > > For help using this (nmap-hackers) mailing list, send a blank email to > > > nmap-hackers-help at insecure.org . List run by ezmlm-idx (www.ezmlm.org). > > > > > > ----- End forwarded message ----- > > > > > > _______________________________________________ > > > Speakup mailing list > > > Speakup at braille.uwo.ca > > > http://speech.braille.uwo.ca/mailman/listinfo/speakup > > > > > > > > > _______________________________________________ > > Speakup mailing list > > Speakup at braille.uwo.ca > > http://speech.braille.uwo.ca/mailman/listinfo/speakup > > > > > _______________________________________________ > Speakup mailing list > Speakup at braille.uwo.ca > http://speech.braille.uwo.ca/mailman/listinfo/speakup >
