Date: Thu, 1 Aug 2002 18:02:22 +0530 From: "Naga Suresh B" <torvalds@addr.com> To: "Christoph Wegener" <cwe@bph.ruhr-uni-bochum.de> Cc: <security@freebsd.org> Subject: Re: openssh-3.4p1.tar.gz trojaned Message-ID: <016301c23957$7d8436f0$9600a8c0@blraddrcom> References: <V832ZC7PYXVTB61W2X543MH96WS4W.3d492832@gonzo>
next in thread | previous in thread | raw e-mail | index | archive | help
how we can findout that trojaned attacked our server or not. ----- Original Message ----- From: "Christoph Wegener" <cwe@bph.ruhr-uni-bochum.de> To: "Mario Pranjic" <mario.pranjic@irb.hr> Cc: <freebsd-security@FreeBSD.ORG> Sent: Thursday, August 01, 2002 5:53 PM Subject: Re: openssh-3.4p1.tar.gz trojaned > Hi again, > yes you are right: I agree that the version on the ftp-server must have been changed during the last 24 hours - so you _might_ be safe... > But who can guaranty that... :(( AFAIK: if you don not have the trojan in the origin tarball this is a good indicator for being safe... > > Just my 2 cents...cheers > Christoph > > 1.8.2002 13:40:56, Mario Pranjic <mario.pranjic@irb.hr> wrote: > > >Of course. I understand that. > > > >But, I wanted your opinion about the openssh that installed yesterday (or > >the day before, not so sure right now). > > > >It has the right md5 checksum and no trojan file in tarball. > > > >If I got it right, openssh source tarball has changed in past 24 hourhs on > >ftp.openbsd.org and that one is infected. > > > >If so, I installed the clean version before the one with trojan was put on > >ftp server. > > > >We'll see what will the maintainer say about it (dinoex@FreeBSD.org). > -- > .-. Ruhr-Universitaet Bochum > /v\ L I N U X Lehrstuhl fuer Biophysik > // \\ >Penguin Computing< c/o Christoph Wegener > /( )\ Gebaeude ND 04/Nord > ^^-^^ D-44780 Bochum, GERMANY > > Tel: +49 (234) 32-25754 Fax: +49 (234) 32-14626 > mailto:cwe@bph.ruhr-uni-bochum.de http://www.bph.ruhr-uni-bochum.de > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?016301c23957$7d8436f0$9600a8c0>