grrr - outlook and exchange are evil - I can't force this bastard to post in
plain text.

-----Original Message-----
From: Kevin Bucknum [mailto:[EMAIL PROTECTED]
Sent: Friday, October 26, 2001 12:34 PM
To: '[EMAIL PROTECTED]'
Subject: RE: [brluglist] [Fwd: NIPC Alert]



Check your ISOs with md5sum against Red Hat's published results from here:
ftp://ftp.redhat.com/pub/redhat/linux/7.2/en/iso/i386/MD5SUM

-----Original Message----- 
From: Jeff Crosby [mailto:[EMAIL PROTECTED]]
Sent: Friday, October 26, 2001 12:14 PM 
To: [EMAIL PROTECTED] 
Subject: Re: [brluglist] [Fwd: NIPC Alert] 


How can we tell if the ISOs have been tampered with?  They could replace
packages in them?  You mean, instead of 7.2 I could actually be installing
something dangerous....like XP?  Let me know.  Jeff

----- Original Message ----- 
From: "Shannon Roddy" <[EMAIL PROTECTED]> 
To: "Baton Rouge Linux Users Group" <[EMAIL PROTECTED]> 
Sent: Thursday, October 25, 2001 11:46 PM 
Subject: [brluglist] [Fwd: NIPC Alert] 


> BE CAREFUL with those 7.2 CDs... Read below.
> 
> Shannon 
> 
> -----Forwarded Message----- 
> 
> > From: Terry Doub <[EMAIL PROTECTED]> 
> > To: [EMAIL PROTECTED] 
> > Subject: NIPC Alert 
> > Date: 25 Oct 2001 13:53:47 -0500 
> > 
> > The latest online update of Red Hat Linux, also known by its code name,
> > "Enigma," which was released 23 October, could have been tampered with by
> > attackers, a security expert warned.  Copies of Red Hat Linux 7.2
> > available from some download sites were not digitally signed by the
> > developer, Red Hat Inc., according to Kurt Seifried, author of an online
> > book entitled "Linux Administrator's Security Guide."  "Either Red Hat did
> > not sign these packages, or someone subverted the distribution process
> > before the files got to various sites," said Seifried in a security
> > advisory issued 23 October.  Without such signatures, "it becomes trivial
> > for an attacker to replace packages on a distribution site with no one
> > being able to easily verify that they have been subverted," said
> > Seifried's advisory.  A Red Hat spokesperson said the company was studying
> > the security report.
> > (Source: Newsbytes, 23 October)
> ================================================ 
> BRLUG - The Baton Rouge Linux User Group 
> Visit http://www.brlug.net for more information.
> Send email to [EMAIL PROTECTED] to change 
> your subscription information. 
> ================================================ 
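
The md5sum check suggested in this thread, written out as an added example (not part of the original messages): it compares every image against a manifest in md5sum's output format and separately reports images that are altered, missing, or not listed at all. The function names `verify_isos` and `demo` and the sample file names are hypothetical, the sample images are constructed, and the check is only as trustworthy as the place the manifest came from, so the manifest should be fetched from the vendor's own server rather than from the mirror that served the images.

```shell
#!/bin/sh
# verify_isos MANIFEST DIR  (hypothetical helper, not from the thread)
# MANIFEST is in md5sum's output format: "<32 hex digits>  <filename>".
# Returns 0 = all listed images match, 1 = a digest differs,
#         2 = an image is missing or not listed, 3 = manifest unreadable.
verify_isos() {
    manifest=$1; dir=$2; rc=0
    [ -r "$manifest" ] || { echo "cannot read $manifest" >&2; return 3; }
    while read -r want name; do
        [ -n "$name" ] || continue              # skip blank or malformed lines
        name=${name#\*}                         # drop md5sum's binary-mode "*"
        if [ ! -f "$dir/$name" ]; then
            echo "MISSING  $name"; [ "$rc" -eq 1 ] || rc=2
            continue
        fi
        got=$(md5sum < "$dir/$name" | cut -d' ' -f1)
        if [ "$got" = "$want" ]; then
            echo "OK       $name"
        else
            echo "MISMATCH $name (published $want, computed $got)"; rc=1
        fi
    done < "$manifest"
    # An image the manifest never lists cannot be vouched for by it.
    for f in "$dir"/*.iso; do
        [ -f "$f" ] || continue
        base=${f##*/}
        if ! awk -v n="$base" '{ sub(/^\*/, "", $2); if ($2 == n) hit = 1 }
                               END { exit !hit }' "$manifest"; then
            echo "UNLISTED $base"; [ "$rc" -eq 1 ] || rc=2
        fi
    done
    return "$rc"
}

# Constructed sample: two stand-in "images"; the second is altered after the
# manifest is written, as a swapped file on a mirror would be.
demo() {
    d=$(mktemp -d) || return 3
    printf 'disc 1\n' > "$d/disc1.iso"
    printf 'disc 2\n' > "$d/disc2.iso"
    (cd "$d" && md5sum disc1.iso disc2.iso > MD5SUM)
    printf 'extra\n' >> "$d/disc2.iso"
    verify_isos "$d/MD5SUM" "$d"; st=$?
    rm -rf "$d"
    return "$st"
}
demo || echo "demo exit status: $?"
```

A mismatch takes precedence over a missing or unlisted image in the return code, so a script can treat status 1 as "do not install" without parsing the output.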
