[tforum] [Fwd: Trojan in TCP Dump]

Joe Breen Joe.Breen@utah.edu
Wed, 13 Nov 2002 13:55:24 -0700


Be aware of the following if you just upgraded your libpcap or tcpdump 
within the past week.  Many programs rely on libpcap, i.e. snort, 
ethereal, ...

I have followed the links and read the stories.  Everything seems legit. 
  Just verify the MD5 checksums if you performed a recent download.

	Univ. of Utah Center for High Performance Computing

-------- Original Message --------
Subject: Trojan in TCP Dump
Date: Wed, 13 Nov 2002 14:08:14 -0500
From: Matthew Bukaty <MatthewB@4GUARDIAN.COM>
Reply-To: Windows NTBugtraq Mailing List <NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM>

Slashdot.org is reporting the following:

Trojan Found in libpcap and tcpdump
Posted by michael on Wednesday November 13, @08:24AM
from the when-your-packet-sniffer-won't dept.
msolnik writes "Members of The Houston Linux Users Group discovered that the
newest sources of libpcap and tcpdump available from tcpdump.org were
contaminated with trojan code. HLUG has notified the maintainers of
tcpdump.org. See our reports here or here."

( Read More... | 255 of 387 comments )

The Link to the article can be found here: http://hlug.fscker.com/

Matthew T. Bukaty
MIS Director
Guardian International
(954) 926 - 1800 Ext. 333

Technology Advisory Committee Chairman
Network Security Lecturer
Broward Community College