-----Original Message-----
From: NIPC Watch [mailto:nipc.watch@private]
Sent: Thursday, December 26, 2002 11:31 AM
To: cyber_threats@private
Subject: [Cyber_threats] Daily News 12/26/02

December 24, ZDNet Australia - Trojan horses plague open source. At least three commonly used open source software packages were altered by black-hat hackers to contain "Trojan horse" code this year. The three most commonly used packages affected were Sendmail, OpenSSH and tcpdump/libpcap. Others to be modified included BitchX, a chat client, and Fragrouter, a network security tool. In all of these cases, the unknown cracker gained entry to the relevant download sites and embedded the back door code in the installation packages.

Adam Pointon, a Melbourne, Australia-based security consultant, says that most of these modifications were not noticed for several days. But Pointon says that using open source software is often less risky than using pre-compiled, or "closed source" software because users who download open source packages can very easily verify their authenticity through a mathematical process known as an md5 checksum. An md5 checksum is basically a fingerprint of a file. A mathematical operation is performed on the relevant file that will generate a unique 32-byte number. If a single bit is changed in that file, the number that the md5 utility spits out will be completely different.

The motives for the Trojans are unclear. Some are speculating that a group of black-hat hackers are using the Trojan technique to target high-profile security related sites. They might "get lucky" if the administrators of these sites install a tainted package.
Source: http://www.zdnet.com.au/newstech/enterprise/story/0,2000025001,20270855,00.htm

Virus: #1 Virus in USA: WORM_KLEZ.H
Source: http://wtc.trendmicro.com/wtc/wmap.html, Trend World Micro Virus Tracking Center [Infected Computers, North America, Past 24 hours, #1 in United States]

137 (netbios-ns); 1433 (ms-sql-s); 80 (http); 445 (microsoft-ds); 443 (https); 53 (domain); 4662; 27374 (asp); 21 (ftp); 139 (netbios-ssn)
Source: http://isc.incidents.org/top10.html; Internet Storm Center
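Added example, not part of the original message or the ZDNet article: the md5 checksum comparison the article describes, written in Python, including the single-bit-change behaviour. The package bytes, the file name example-1.0.tar.gz and the manifest are constructed, and the expected digest is assumed to come from a source other than the download site itself, since a checksum stored beside a trojaned package can be replaced along with it.

```python
import hashlib
import hmac
import io

def file_digest(stream, algorithm="md5", chunk_size=65536):
    """Hash a binary stream in chunks so a large tarball need not fit in memory."""
    h = hashlib.new(algorithm)
    for chunk in iter(lambda: stream.read(chunk_size), b""):
        h.update(chunk)
    return h.hexdigest()

def parse_manifest(text):
    """Parse md5sum-style lines ('<hex digest>  <filename>') into {filename: digest}."""
    expected = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        digest, name = line.split(None, 1)
        expected[name.lstrip("*")] = digest.lower()  # '*' marks binary mode
    return expected

def verify(name, stream, manifest):
    """Return True only if `name` is listed and its md5 digest matches."""
    want = manifest.get(name)
    if want is None:
        return False  # unlisted file: unverified, never "OK by default"
    return hmac.compare_digest(file_digest(stream), want)

def differing_bits(hex_a, hex_b):
    """Count the bit positions in which two equal-length hex digests differ."""
    return bin(int(hex_a, 16) ^ int(hex_b, 16)).count("1")

# Constructed sample data: stand-in package bytes, not a real release.
ORIGINAL = b"constructed-package-contents\n" * 1000
_buf = bytearray(ORIGINAL)
_buf[500] ^= 0x01  # flip exactly one bit, as in the article's description
TAMPERED = bytes(_buf)

# Assumption: this manifest was fetched from a channel other than the download site.
MANIFEST = parse_manifest(hashlib.md5(ORIGINAL).hexdigest() + "  example-1.0.tar.gz\n")

if __name__ == "__main__":
    for label, data in (("original", ORIGINAL), ("tampered", TAMPERED)):
        ok = verify("example-1.0.tar.gz", io.BytesIO(data), MANIFEST)
        print(label, file_digest(io.BytesIO(data)), "OK" if ok else "MISMATCH")
    print("bits changed in digest:", differing_bits(
        file_digest(io.BytesIO(ORIGINAL)), file_digest(io.BytesIO(TAMPERED))))
```
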