[brluglist] [Fwd: NIPC Alert]

Jeff Crosby Fri, 26 Oct 2001 16:34:56 -0500

This is a multi-part message in MIME format.

------=_NextPart_000_0019_01C15E3C.258F94E0
Content-Type: text/plain;
        charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable


RE: [brluglist] [Fwd: NIPC Alert]If anyone has a problem checking an =
MD5sum then go here: http://www.linuxiso.org/md5sum.html
  ----- Original Message -----=20
  From: Kevin Bucknum=20
  To: '[EMAIL PROTECTED]'=20
  Sent: Friday, October 26, 2001 12:45 PM
  Subject: RE: [brluglist] [Fwd: NIPC Alert]


  grrr - outlook and exchange are evil - I can't force this bastard to =
post in plain text.
    -----Original Message-----
    From: Kevin Bucknum [mailto:[EMAIL PROTECTED]
    Sent: Friday, October 26, 2001 12:34 PM
    To: '[EMAIL PROTECTED]'
    Subject: RE: [brluglist] [Fwd: NIPC Alert]


    Check your iso's with md5sum against Redhat's published results from =
here=20
    ftp://ftp.redhat.com/pub/redhat/linux/7.2/en/iso/i386/MD5SUM=20

    -----Original Message-----=20
    From: Jeff Crosby [mailto:[EMAIL PROTECTED]
    Sent: Friday, October 26, 2001 12:14 PM=20
    To: [EMAIL PROTECTED]
    Subject: Re: [brluglist] [Fwd: NIPC Alert]=20



    How can we tell if the iso's have been tampered with?  They could =
replace=20
    packages in them?  You mean, instead of 7.2 I could actually be =
installing=20
    something dangerous....like XP?  Let me know.  Jeff=20

    ----- Original Message -----=20
    From: "Shannon Roddy" <[EMAIL PROTECTED]>=20
    To: "Baton Rouge Linux Users Group" <[EMAIL PROTECTED]>=20
    Sent: Thursday, October 25, 2001 11:46 PM=20
    Subject: [brluglist] [Fwd: NIPC Alert]=20



    > BE CAREFUL with those 7.2 CD's... Read below.=20
    >=20
    > Shannon=20
    >=20
    > -----Forwarded Message-----=20
    >=20
    > > From: Terry Doub <[EMAIL PROTECTED]>=20
    > > To: [EMAIL PROTECTED]
    > > Subject: NIPC Alert=20
    > > Date: 25 Oct 2001 13:53:47 -0500=20
    > >=20
    > > The latest online update of Red Hat Linux, also known by its  =
code name,=20
    > > "Enigma," which was released 23 October, could have been  =
tampered with=20
    by=20
    > > attackers, a security expert warned.  Copies of  Red Hat Linux =
7.2=20
    > > available from some download sites were not digitally  signed by =
the=20
    > > developer, Red Hat Inc., according to Kurt Seifried,  author of =
an=20
    online=20
    > > book entitled "Linux Administrator's Security  Guide."  "Either =
Red Hat=20
    did=20
    > > not sign these packages, or someone  subverted the distribution =
process=20
    > > before the files got to various  sites," said Seifried in a =
security=20
    > > advisory issued 23 October.   Without such signatures, "it =
becomes=20
    trivial=20
    > > for an attacker to replace  packages on a distribution site with =
no one=20
    > > being able to easily verify  that they have been subverted," =
said=20
    > > Seifried's advisory.  A Red  Hat spokesperson said the company =
was=20
    studying=20
    > > the security  report.=20
    > > (Source: Newsbytes, 23 October)=20
    > =
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=20
    > BRLUG - The Baton Rouge Linux User Group=20
    > Visit http://www.brlug.net for more information.=20
    > Send email to [EMAIL PROTECTED] to change=20
    > your subscription information.=20
    > =
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=20

    =
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=20
    BRLUG - The Baton Rouge Linux User Group=20
    Visit http://www.brlug.net for more information.=20
    Send email to [EMAIL PROTECTED] to change=20
    your subscription information.=20
    =
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=20


------=_NextPart_000_0019_01C15E3C.258F94E0
Content-Type: text/html;
        charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD><TITLE>RE: [brluglist] [Fwd: NIPC Alert]</TITLE>
<META http-equiv=3DContent-Type content=3D"text/html; =
charset=3Diso-8859-1">
<META content=3D"MSHTML 5.50.4616.200" name=3DGENERATOR>
<STYLE></STYLE>
</HEAD>
<BODY bgColor=3D#ffffff>
<DIV><FONT face=3DArial size=3D2>If anyone has a problem checking an =
MD5sum then go=20
here: http://www.linuxiso.org/md5sum.html</FONT></DIV>
<BLOCKQUOTE dir=3Dltr=20
style=3D"PADDING-RIGHT: 0px; PADDING-LEFT: 5px; MARGIN-LEFT: 5px; =
BORDER-LEFT: #000000 2px solid; MARGIN-RIGHT: 0px">
  <DIV style=3D"FONT: 10pt arial">----- Original Message ----- </DIV>
  <DIV=20
  style=3D"BACKGROUND: #e4e4e4; FONT: 10pt arial; font-color: =
black"><B>From:</B>=20
  <A [EMAIL PROTECTED]
  href=3D"mailto:[EMAIL PROTECTED]">Kevin Bucknum</A> </DIV>
  <DIV style=3D"FONT: 10pt arial"><B>To:</B> <A =
[EMAIL PROTECTED]
  href=3D"mailto:'[EMAIL PROTECTED]'">'[EMAIL PROTECTED]'</A> </DIV>
  <DIV style=3D"FONT: 10pt arial"><B>Sent:</B> Friday, October 26, 2001 =
12:45=20
  PM</DIV>
  <DIV style=3D"FONT: 10pt arial"><B>Subject:</B> RE: [brluglist] [Fwd: =
NIPC=20
  Alert]</DIV>
  <DIV><BR></DIV>
  <DIV><SPAN class=3D670114217-26102001><FONT face=3DArial =
color=3D#0000ff size=3D2>grrr=20
  - outlook and exchange are evil - I can't force this bastard to post =
in plain=20
  text.</FONT></SPAN></DIV>
  <BLOCKQUOTE dir=3Dltr style=3D"MARGIN-RIGHT: 0px">
    <DIV class=3DOutlookMessageHeader dir=3Dltr align=3Dleft><FONT =
face=3DTahoma=20
    size=3D2>-----Original Message-----<BR><B>From:</B> Kevin Bucknum=20
    [mailto:[EMAIL PROTECTED]<BR><B>Sent:</B> Friday, October =
26, 2001=20
    12:34 PM<BR><B>To:</B> <A=20
    =
href=3D"mailto:'[EMAIL PROTECTED]'">'[EMAIL PROTECTED]'</A><BR><B>Sub=
ject:</B>=20
    RE: [brluglist] [Fwd: NIPC Alert]<BR><BR></FONT></DIV>
    <P><FONT size=3D2>Check your iso's with md5sum against Redhat's =
published=20
    results from here</FONT> <BR><FONT size=3D2><A target=3D_blank=20
    =
href=3D"ftp://ftp.redhat.com/pub/redhat/linux/7.2/en/iso/i386/MD5SUM";>ftp=
://ftp.redhat.com/pub/redhat/linux/7.2/en/iso/i386/MD5SUM</A></FONT>=20
    </P>
    <P><FONT size=3D2>-----Original Message-----</FONT> <BR><FONT =
size=3D2>From:=20
    Jeff Crosby [<A=20
    =
href=3D"mailto:[EMAIL PROTECTED]">mailto:[EMAIL PROTECTED]</A>]</FONT>=20
    <BR><FONT size=3D2>Sent: Friday, October 26, 2001 12:14 PM</FONT> =
<BR><FONT=20
    size=3D2>To: [EMAIL PROTECTED]</FONT> <BR><FONT size=3D2>Subject: =
Re:=20
    [brluglist] [Fwd: NIPC Alert]</FONT> </P><BR>
    <P><FONT size=3D2>How can we tell if the iso's have been tampered =
with?&nbsp;=20
    They could replace</FONT> <BR><FONT size=3D2>packages in them?&nbsp; =
You mean,=20
    instead of 7.2 I could actually be installing</FONT> <BR><FONT=20
    size=3D2>something dangerous....like XP?&nbsp; Let me know.&nbsp; =
Jeff</FONT>=20
    </P>
    <P><FONT size=3D2>----- Original Message -----</FONT> <BR><FONT =
size=3D2>From:=20
    "Shannon Roddy" &lt;[EMAIL PROTECTED]&gt;</FONT> <BR><FONT=20
    size=3D2>To: "Baton Rouge Linux Users Group"=20
    &lt;[EMAIL PROTECTED]&gt;</FONT> <BR><FONT size=3D2>Sent: =
Thursday, October=20
    25, 2001 11:46 PM</FONT> <BR><FONT size=3D2>Subject: [brluglist] =
[Fwd: NIPC=20
    Alert]</FONT> </P><BR>
    <P><FONT size=3D2>&gt; BE CAREFUL with those 7.2 CD's... Read =
below.</FONT>=20
    <BR><FONT size=3D2>&gt;</FONT> <BR><FONT size=3D2>&gt; =
Shannon</FONT> <BR><FONT=20
    size=3D2>&gt;</FONT> <BR><FONT size=3D2>&gt; -----Forwarded =
Message-----</FONT>=20
    <BR><FONT size=3D2>&gt;</FONT> <BR><FONT size=3D2>&gt; &gt; From: =
Terry Doub=20
    &lt;[EMAIL PROTECTED]&gt;</FONT> <BR><FONT size=3D2>&gt; &gt; To:=20
    [EMAIL PROTECTED]</FONT> <BR><FONT size=3D2>&gt; &gt; =
Subject: NIPC=20
    Alert</FONT> <BR><FONT size=3D2>&gt; &gt; Date: 25 Oct 2001 13:53:47 =

    -0500</FONT> <BR><FONT size=3D2>&gt; &gt;</FONT> <BR><FONT =
size=3D2>&gt; &gt;=20
    The latest online update of Red Hat Linux, also known by its&nbsp; =
code=20
    name,</FONT> <BR><FONT size=3D2>&gt; &gt; "Enigma," which was =
released 23=20
    October, could have been&nbsp; tampered with</FONT> <BR><FONT=20
    size=3D2>by</FONT> <BR><FONT size=3D2>&gt; &gt; attackers, a =
security expert=20
    warned.&nbsp; Copies of&nbsp; Red Hat Linux 7.2</FONT> <BR><FONT =
size=3D2>&gt;=20
    &gt; available from some download sites were not digitally&nbsp; =
signed by=20
    the</FONT> <BR><FONT size=3D2>&gt; &gt; developer, Red Hat Inc., =
according to=20
    Kurt Seifried,&nbsp; author of an</FONT> <BR><FONT =
size=3D2>online</FONT>=20
    <BR><FONT size=3D2>&gt; &gt; book entitled "Linux Administrator's=20
    Security&nbsp; Guide."&nbsp; "Either Red Hat</FONT> <BR><FONT=20
    size=3D2>did</FONT> <BR><FONT size=3D2>&gt; &gt; not sign these =
packages, or=20
    someone&nbsp; subverted the distribution process</FONT> <BR><FONT=20
    size=3D2>&gt; &gt; before the files got to various&nbsp; sites," =
said Seifried=20
    in a security</FONT> <BR><FONT size=3D2>&gt; &gt; advisory issued 23 =

    October.&nbsp;&nbsp; Without such signatures, "it becomes</FONT> =
<BR><FONT=20
    size=3D2>trivial</FONT> <BR><FONT size=3D2>&gt; &gt; for an attacker =
to=20
    replace&nbsp; packages on a distribution site with no one</FONT> =
<BR><FONT=20
    size=3D2>&gt; &gt; being able to easily verify&nbsp; that they have =
been=20
    subverted," said</FONT> <BR><FONT size=3D2>&gt; &gt; Seifried's=20
    advisory.&nbsp; A Red&nbsp; Hat spokesperson said the company =
was</FONT>=20
    <BR><FONT size=3D2>studying</FONT> <BR><FONT size=3D2>&gt; &gt; the=20
    security&nbsp; report.</FONT> <BR><FONT size=3D2>&gt; &gt; (Source: =
Newsbytes,=20
    23 October)</FONT> <BR><FONT size=3D2>&gt;=20
    =
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D</FO=
NT> <BR><FONT=20
    size=3D2>&gt; BRLUG - The Baton Rouge Linux User Group</FONT> =
<BR><FONT=20
    size=3D2>&gt; Visit <A target=3D_blank=20
    href=3D"http://www.brlug.net";>http://www.brlug.net</A> for more=20
    information.</FONT> <BR><FONT size=3D2>&gt; Send email to =
[EMAIL PROTECTED]
    to change</FONT> <BR><FONT size=3D2>&gt; your subscription =
information.</FONT>=20
    <BR><FONT size=3D2>&gt;=20
    =
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D</FO=
NT> </P>
    <P><FONT =
size=3D2>=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D</FONT>=20
    <BR><FONT size=3D2>BRLUG - The Baton Rouge Linux User Group</FONT> =
<BR><FONT=20
    size=3D2>Visit <A target=3D_blank=20
    href=3D"http://www.brlug.net";>http://www.brlug.net</A> for more=20
    information.</FONT> <BR><FONT size=3D2>Send email to =
[EMAIL PROTECTED] to=20
    change</FONT> <BR><FONT size=3D2>your subscription =
information.</FONT>=20
    <BR><FONT =
size=3D2>=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D</FONT>=20
  </P></BLOCKQUOTE></BLOCKQUOTE></BODY></HTML>

------=_NextPart_000_0019_01C15E3C.258F94E0--

================================================
BRLUG - The Baton Rouge Linux User Group
Visit http://www.brlug.net for more information.
Send email to [EMAIL PROTECTED] to change
your subscription information.
================================================

[brluglist] [Fwd: NIPC Alert]

Reply via email to