FYI, Malware at Fedora-RedHat.COM ...
Kevin J. Cummings
cummings at kjchome.homeip.net
Mon Oct 25 03:08:56 UTC 2004
Brian Fahrlander wrote:
> On Sun, 2004-10-24 at 18:30, Bryan J. Smith wrote:
>
>>FYI, I received an e-mail from the U of Texas at Arlington (see e-mail
>>header portion in the first post below) that gave me instructions on a
>>patch. I haven't tried it, but given the approach, I can only assume
>>it's some sort of malware. It's a rather lame attempt too.
>>
>>At first I thought it just was someone in a LUG messing with me. I
>>didn't want to turn this stuff over to Red Hat if it was just an
>>individual having fun with only me. But it appears that people on the
>>OpenBSD list have been getting them too.
>>
>>I'm sure the trademark in the domain name makes this easy if all other
>>attempts to shut the site down fail.
>>
>>Posts to LEAPLIST/NTLUG I made with more details (including the e-mail
>>header):
>> http://lists.leap-cf.org/pipermail/leaplist/2004-October/040716.html
>>http://ntlug.org/pipermail/discuss/Week-of-Mon-20041018/022702.html
>>
>>First confirmation that it is public:
>> http://lists.leap-cf.org/pipermail/leaplist/2004-October/040722.html
>>http://ntlug.org/pipermail/discuss/Week-of-Mon-20041018/022705.html
>>
>>Other follow-ups:
>> http://lists.leap-cf.org/pipermail/leaplist/2004-October/040717.html
>>http://lists.leap-cf.org/pipermail/leaplist/2004-October/040719.html
>>http://ntlug.org/pipermail/discuss/Week-of-Mon-20041018/022703.html
>>
>>The actual site:
>> http://www.fedora-redhat.com/
>
>
> Good man, for reporting it. It's good to pass around this kind of
> information.
>
>
Here's some info on the "domain"
> ]# whois fedora-redhat.com
> [Querying whois.internic.net]
> [Redirected to whois.melbourneit.com]
> [Querying whois.melbourneit.com]
> [whois.melbourneit.com]
>
> Domain Name.......... fedora-redhat.com
> Creation Date........ 2004-10-24
> Registration Date.... 2004-10-24
> Expiry Date.......... 2005-10-24
> Organisation Name.... Raymond Jackson
> Organisation Address. 224 Cedar Avenue
> Organisation Address.
> Organisation Address. New York
> Organisation Address. 95301
> Organisation Address. NY
> Organisation Address. UNITED STATES
>
> Admin Name........... Raymond Jackson
> Admin Address........ 224 Cedar Avenue
> Admin Address........
> Admin Address........ New York
> Admin Address........ 95301
> Admin Address........ NY
> Admin Address........ UNITED STATES
> Admin Email.......... rayjackson23 at yahoo.com
> Admin Phone.......... +1.2098994533
> Admin Fax............
>
> Tech Name............ YahooDomains TechContact
> Tech Address......... 701 First Ave.
> Tech Address.........
> Tech Address......... Sunnyvale
> Tech Address......... 94089
> Tech Address......... CA
> Tech Address......... UNITED STATES
> Tech Email........... domain.tech at YAHOO-INC.COM
> Tech Phone........... +1.6198813096
> Tech Fax............. +1.6198813010
> Name Server.......... yns1.yahoo.com
> Name Server.......... yns2.yahoo.com
>
--
Kevin J. Cummings
kjchome at rcn.com
cummings at kjchome.homeip.net
cummings at kjc386.framingham.ma.us
More information about the fedora-list
mailing list