Fake email targets Red Hat Linux
Results 1 to 3 of 3

Thread: Fake email targets Red Hat Linux

  1. #1
    AO French Antique News Whore
    Join Date
    Aug 2001
    Posts
    2,126

    Fake email targets Red Hat Linux

    LINUX distributor Red Hat has warned about an email scam designed to lure users of its open source software to download a fake update.

    The emails appear to come from Red Hat's security team and urge users to download and run a supposed update from their home directory.

    The update appeared to contain malicious code, Red Had said in an online security advisory.

    "Official messages from the Red Hat security team are never unsolicited, are always sent from the address secalert@redhat.com and are digitally signed by GPG," the advisory said.

    "All official updates for Red Hat products are digitally signed and should not be installed unless they are correctly signed and the signature is verified."
    Source : http://www.news.com.au/common/story_...E15306,00.html
    -Simon \"SDK\"

  2. #2
    I'd rather be fishing DjM's Avatar
    Join Date
    Aug 2001
    Location
    The Great White North
    Posts
    1,867
    DjM

  3. #3
    Junior Member
    Join Date
    Nov 2004
    Posts
    10
    Sorry to go off topic here, but they mentioned digitally signed updates (or software for that matter). My question is how do they accomplish this, and wouldn't an attacker be able to generate this same digital code?
    Did I do that??

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

 Security News

     Patches

       Security Trends

         How-To

           Buying Guides