I think from gatech. Besides, consider the source of those accusations. Do a little digging around on Kurt Siefried, then, ask yourself it that was worth the post..
----- Original Message ----- From: "John Hebert" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Friday, October 26, 2001 12:15 AM Subject: Re: [brluglist] [Fwd: NIPC Alert] > Hey Tim! Where didya download these from? :) > > I know there is a way to generate and compare the > checksums for the CDs, but I don't know the details. > Can somebody give us a quick overview? I assume that > merely passing the checksum test does not _guarantee_ > the files weren't tampered with, though it is easy to > check. > > John Hebert > > --- Shannon Roddy <[EMAIL PROTECTED]> wrote: > > BE CAREFUL with those 7.2 CD's... Read below. > > > > Shannon > > > > -----Forwarded Message----- > > > > > From: Terry Doub <[EMAIL PROTECTED]> > > > To: [EMAIL PROTECTED] > > > Subject: NIPC Alert > > > Date: 25 Oct 2001 13:53:47 -0500 > > > > > > The latest online update of Red Hat Linux, also > > known by its code name, > > > "Enigma," which was released 23 October, could > > have been tampered with by > > > attackers, a security expert warned. Copies of > > Red Hat Linux 7.2 > > > available from some download sites were not > > digitally signed by the > > > developer, Red Hat Inc., according to Kurt > > Seifried, author of an online > > > book entitled "Linux Administrator's Security > > Guide." "Either Red Hat did > > > not sign these packages, or someone subverted the > > distribution process > > > before the files got to various sites," said > > Seifried in a security > > > advisory issued 23 October. Without such > > signatures, "it becomes trivial > > > for an attacker to replace packages on a > > distribution site with no one > > > being able to easily verify that they have been > > subverted," said > > > Seifried's advisory. A Red Hat spokesperson said > > the company was studying > > > the security report. > > > (Source: Newsbytes, 23 October) > > ================================================ > > BRLUG - The Baton Rouge Linux User Group > > Visit http://www.brlug.net for more information. > > Send email to [EMAIL PROTECTED] to change > > your subscription information. > > ================================================ > > > __________________________________________________ > Do You Yahoo!? > Make a great connection at Yahoo! Personals. > http://personals.yahoo.com > ================================================ > BRLUG - The Baton Rouge Linux User Group > Visit http://www.brlug.net for more information. > Send email to [EMAIL PROTECTED] to change > your subscription information. > ================================================ > ================================================ BRLUG - The Baton Rouge Linux User Group Visit http://www.brlug.net for more information. Send email to [EMAIL PROTECTED] to change your subscription information. ================================================
