Re: openssh-3.4p1.tar.gz trojaned
From: Przemyslaw Frasunek (venglin@freebsd.lublin.pl)Date: 08/05/02
- Previous message: Russell Fulton: "Re: (AUSCERT#c42e2) Re: odd traffic on port 80 from win 98 system - Frethem.K"
- In reply to: Edwin Groothuis: "openssh-3.4p1.tar.gz trojaned"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: incidents@securityfocus.com From: Przemyslaw Frasunek <venglin@freebsd.lublin.pl> Date: 05 Aug 2002 11:37:24 +0200
Edwin Groothuis <edwin@mavetju.org> napisał(a):
> Just want to inform you that the OpenSSH package op ftp.openbsd.org
> (and probably all its mirrors now) it trojaned:
Actually, it's possible, that also other machines at openbsd.org were
compromised (dns servers? cvs.openbsd.org?). Recently we had complains
about some malicious IRC activity originating from cvs.openbsd.org,
which was possibly cracked or DNS spoofed.
03:11 EFNet:[ Whois deraadt (deraadt@cvs.openbsd.org)
03:11 EFNet:: Ircname : Theo de Raadt
03:11 EFNet:: Server : irc.efnet.pl [ATMAN Network, Warsaw, Poland ]
03:11 EFNet:: Idle : 0 days 0 hours 1 mins 9 secs
03:11 EFNet:: Signon : Fri Aug 2 03:09:58 2002
03:10 EFNet:- irc.efnet.pl - *** Notice -- User deraadt
(deraadt@cvs.openbsd.org) is attempting to join locally
juped channel #phrack
-- * Fido: 2:480/124 ** WWW: http://www.frasunek.com/ ** NIC-HDL: PMF9-RIPE * * Inet: przemyslaw@frasunek.com ** PGP: D48684904685DF43EA93AFA13BE170BF *---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
- Previous message: Russell Fulton: "Re: (AUSCERT#c42e2) Re: odd traffic on port 80 from win 98 system - Frethem.K"
- In reply to: Edwin Groothuis: "openssh-3.4p1.tar.gz trojaned"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
