From owner-freebsd-stable Wed Nov 13 12:43:18 2002 Delivered-To: freebsd-stable@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id BE98B37B401; Wed, 13 Nov 2002 12:43:16 -0800 (PST) Received: from seahawk.tradewindse.com (seahawk.tradewindse.com [65.82.243.226]) by mx1.FreeBSD.org (Postfix) with ESMTP id C7C8343E4A; Wed, 13 Nov 2002 12:43:15 -0800 (PST) (envelope-from arc@tradewindse.com) Received: from tw12irwbkz2498 (catfish.marine.tradewindse.com [192.168.1.55]) by seahawk.tradewindse.com (8.12.5/8.12.5) with SMTP id gADKh9Rq048406; Wed, 13 Nov 2002 15:43:09 -0500 (EST) Message-ID: <002c01c28b55$46e3f220$3701a8c0@tw12irwbkz2498> Reply-To: "Arley Carter" From: "Arley Carter" To: Cc: Subject: trojaned libpcap in tcpdump Date: Wed, 13 Nov 2002 15:43:09 -0500 Organization: Tradewinds Technologies, Inc. MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2600.0000 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000 Sender: owner-freebsd-stable@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG http://hlug.fscker.com has found that the tcpdump from tcpdump.org has been infected by a trojan horse. I just checked the version of tcpdump built by RELENG_4. i.e. freebsd 4.7-stable. I am happy to report that it is NOT infected as described by fscker.com. However, if you have built tcpdump from tcpdump.org recently I would check for this trojan infection. If you have a lot of traffic on port 1963, you probably have a problem. -arc Arley Carter Tradewinds Technologies, Inc. arc@tradewindse.com Charlotte, NC USA www.tradewindse.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message