Beware 'Fedora-Redhat' Fake Security Alert 628
rixdaffy writes "I just received an email from the 'Redhat Security Team' telling me that I needed to download some tar file from fedora-redhat.com. Besides the fact that I don't use Red Hat/Fedora, I immediately smelled something fishy. Maybe it's not the first trojan targeted at Linux users, but together with the official sounding domain, it could trick some users into downloading and running the binary. It looks like Red Hat is already aware of the issue." According to Red Hat's page, "These emails tell users to download and run an update from a users home directory. This fake update appears to contain malicious code." Update: 10/25 01:32 GMT by T : One borked link, unborked.
Re:We knew this day would come (Score:5, Funny)
Whois (Score:1, Funny)
Domain Name.......... fedora-redhat.com
Creation Date........ 2004-10-24
Registration Date.... 2004-10-24
Expiry Date.......... 2005-10-24
Organisation Name.... Raymond Jackson
Organisation Address. 224 Cedar Avenue
Organisation Address.
Organisation Address. New York
Organisation Address. 95301
Organisation Address. NY
Organisation Address. UNITED STATES
Admin Name........... Raymond Jackson
Admin Address........ 224 Cedar Avenue
Admin Address........
Admin Address........ New York
Admin Address........ 95301
Admin Address........ NY
Admin Address........ UNITED STATES
Admin Email.......... rayjackson23@yahoo.com
Admin Phone.......... +1.2098994533
Admin Fax............
Tech Name............ YahooDomains TechContact
Tech Address......... 701 First Ave.
Tech Address.........
Tech Address......... Sunnyvale
Tech Address......... 94089
Tech Address......... CA
Tech Address......... UNITED STATES
Tech Email........... domain.tech@YAHOO-INC.COM
Tech Phone........... +1.6198813096
Tech Fax............. +1.6198813010
Name Server.......... yns1.yahoo.com
Name Server.......... yns2.yahoo.com
Looks like somebody's gonna get arrested.
Surprisingly (Score:5, Funny)
Everyone checks the gpg signatures right?
Use the /. effect for good (Score:4, Funny)
Re:I wonder... (Score:4, Funny)
PHEW! (Score:5, Funny)
Linux - Where the malware comes with the source (Score:5, Funny)
Re:Finally... (Score:5, Funny)
It keeps the "Mandrake Crew" off of the debian-users lists.
Coding 0, Grammar 0. (Score:5, Funny)
But I am running SUSE! Am I adviced in similar fashion? Perhaps I too should applying patch lest SUSE found vulnerability also? Thankyou to www.fedora-redhat.com for adviced me in this helpful manner against remote attackers!
Re:PHEW! (Score:0, Funny)
Re:Trademark infringement... (Score:3, Funny)
Re:text of site (Score:5, Funny)
Stupidity (Score:3, Funny)
Checksum (Score:4, Funny)
68349c219d941209af8f7c968b89d622 *fileutils-1.0.6.patch.tar.gz
So you can be sure you're getting the real fake patch.
Re:Christ, they didn't do a very good job... (Score:5, Funny)
Thus we would like to thank you for your generous time in helping this valuable project reach its full potential.
You may also like to take note of our web site www.bugzilla-Fedora-Redhat.com, where we have set up a forum dedicated to improving our product.
Re:Here's what WHOIS says: (Score:5, Funny)
Sorry to dissapoint you, but I doubt he owns the domain - they offer free webmail, so it's likely he just signed up for an account. Presumably they didn't stop anyone from getting the username 'root' - I signed up for 'administrator' just now (password 'monkey' if you don't believe me) with no problems.
Re:Linux - Where the malware comes with the source (Score:5, Funny)
Probabilities: (Score:5, Funny)
If the Antivirus companies were responsible, they'd have done a better job.
If Microsoft was responsible, they wouldn't have included any source code.
If SCO was responsible, they'd have included sourcecode and then sued you for running it
All things taken into consideration, I'm with 'other' on this one
I love it! (Score:5, Funny)
(Mind you, I'm no better. First time I got a computer virus, when I was running MSDOS, my first reaction was to run a binary diff against a clean version of the file, and disassemble the result to see what it did. Do you know if there's a cure for this?)
Re:Use SPF to protect yourself from phishing (Score:3, Funny)
Re: I'll try it... Execution results! (Score:3, Funny)
Re: I'll try it... Execution results! (Score:5, Funny)
If you do, make sure the IP addresses are of
Re:Contents of inst.c... (Score:5, Funny)
Hey, stop trying to deny my GPL rights you Windows-loving tyrant!
I knew it (Score:2, Funny)
Re:Real link? (Score:2, Funny)
/usr/sbin/ab2 -n 10000000 -c 10 'http://www.fedora-redhat.com/?you=asshole&garbag
This is ApacheBench, Version 2.0.40-dev <$Revision: 1.121.2.8 $> apache-2.0
Copyright (c) 1996 Adam Twiss, Zeus Technology Ltd, http://www.zeustech.net/
Copyright (c) 1998-2002 The Apache Software Foundation, http://www.apache.org/
Benchmarking www.fedora-redhat.com (be patient)
Blow by blow (Score:2, Funny)
Re:Real link? (Score:4, Funny)
Oops.
--Re:Stupid Tricks? (Score:5, Funny)
No monitor.
Re:Christ, they didn't do a very good job... (Score:3, Funny)
Re:Christ, they didn't do a very good job... (Score:2, Funny)
Re:I love it! (Score:3, Funny)
Re: I'll try it... Execution results! (Score:3, Funny)
Try:
These are more than good enough.
Re:look at this in a diffrent way (Score:3, Funny)
"Attached is a sexy picture of Anna Kournikova.
To view the picture, simply:
1) save the attachment
2) su -
3) tar -xjf anna.tar.gz
4)
5) make
6) make install
7) anna"
This is what happens... (Score:3, Funny)
This is an unfortunate reality today. Back in my day, the only way to be a real Linux guru was to compile and build your system from scratch [linuxfromscratch.org] using a dev box.
Nowadays, any average person [cnn.com] can easily install [tweakers.net] Linux and instantly become "31337" [somethingawful.com]. Today's typical Linux user [thestranger.com] has no idea what half the files on his system do, or where they came from [fsu.edu]. Unforunately, the majority of you [telusplanet.net] with moderator [1041kxdd.com] points fall into this category so my post is doomed [funhouse.com]!
I would advise those who are new to Linux to visit the Linux From Scratch website [linuxfromscratch.org] and set aside a weekend of learning. There is no better method for gaining useful knowledge regarding the reduction of hard drive clutter and increasiong optimization, and security.
Re: text (Why? Because.) (Score:5, Funny)
Re:Jobs (Score:1, Funny)
Re:Christ, they didn't do a very good job... (Score:3, Funny)
I was in a hurry, I didn't even think about the fact that Redhat is not Progeny, so my response was to simply run "yum update", a quick preview (there was only like two, not very important packages to update) and that was it. All of about 5 minutes, and I did nothing further, since the kernel wasn't updated and no running services were affected.
I forgot all about it until now, reading this article!
Re: text (Why? Because.) (Score:5, Funny)
Thank you.
Re:Christ, they didn't do a very good job... (Score:3, Funny)
It's more than just a faulty presentation--the whole premise is innane:
ls and mkdir are running as a network server with root privileges? How did that happen?
Besides, we all know RedHat systems configure ls and mkdir to change to low-privilege users (lsnobody and mkdirnobody) after accepting the connection (unless you modify /etc/ls.conf or /etc/mkdir.conf, that is).
Re:Christ, they didn't do a very good job... (Score:4, Funny)
We do?