Begin forwarded message:

From: lewis pusey <[EMAIL PROTECTED]>
Date: Tue, 29 Jul 2003  17:20:16 Europe/Berlin
To: Max Horn <[EMAIL PROTECTED]>
Subject: Re: Fink documents hacked during install on OSX

Howdy,
From your message I should not respond to you but since you asked, the problem is that the Fink documentation is in a format that when selected launches your default browser. If you save that documentation and at some point uncompress the documentation again during a re-install you now have two copies of the documentation in different directories. When online for extended periods FTPing files for Debian installations on FINK your location becomes known to hackers who are looking to exploit this always on line profile for the purpose of redirecting web traffic to porn sites. Port 6000 is open by default on Linux installations. Web browsers may be hacked to contain spurious information while online without your actual box being hacked.
I think the hack involves manipulating these vulnerabilities, I'm not a hacker so I can't really spell it out exactly.
What I do know is that once I re-install Fink and then try to access the documentation I am instead re-directed to a porn site. My recommendation is not to have documentation in HTML format or to have embedded links within the Documentation.
Hackers wouldn't really need access to your box other than the handle of your IP address, duplicate links, and an open port for this. Check out Cult of the Dead Cow, or Back Orifice to see examples of this. Caution, your Browser will be hijacked and your firewall and security should be high. Back Orifice is malicious as well as corrupt.
Lewis


On Sunday, July 27, 2003, at 10:52AM, Max Horn <[EMAIL PROTECTED]> wrote:


On Sunday, 27.07.03 at 17:43, Lewis Pusey wrote:


The following is the message I sent to Debian and is related to the
Fink install on Mac.

Err, hu? You sent a message to "debian" (what does that mean, some
debian mailing list?) related to Fink? Fink is a completely separate
project from Debian. There is no relation between the two projects, and
sending mails to Debian regarding Fink is like sending mail to Apple
regarding MS Word... :-)

I am not the best address to email such things either. Email them to
the fink-devel mailing list (I am CCing my reply there)!


The problem is not directly Debian. When using the Fink installer for
OSX I save the documentation to the Document folder of the Home
directory in Mac. When I need to delete my fink installation and
re-install I use the saved documentation. The problem is that once I
eject the installer image the web page documentation becomes
pornographic and links me to pornographic sites. No doubt the Russian
hackers are exploiting some vulnerability of Internet Explorer
browser cache and having a duplicate Browser doc on Desktop and the
Home folder at the same time.

I don't quite follow you there... what "web page documentation", and
how does it link to a porn site ?!? Could you give some more specific
information? Like, what files are you talking about, what *exactly* are
you doing, etc.


Do you mean the Fink binary installer got hacked somehow and contains
files that link to a porn site?


My suggestion is to have a Fink Docs in a non-browser format.
This may concern you if you have a link with Fink or they are
exploiting Linux in this hack as well, such as the default path in SW
/user/ used by Fink.
Again I am afraid I don't understand what you are trying to say... I am
not a native English speaker, my language skills are not sufficient to
decode what you are trying to tell me, sorry, can you please rephrase?
You want to say something like that a link to a fixed location like
/sw/share/docs is bad, because it could be exploited by hackers ?!? If
that's what you meant, I don't understand it, though, since to exploit
that, the hacker would have to have access to your machine already
anyway.



Max








_______________________________________________
Fink-devel mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/fink-devel