Results 1 to 3 of 3

Thread: Fake email targets Red Hat Linux

  1. October 29th, 2004, 02:05 PM #1
    SDK
    SDK is offline
    AO French Antique News Whore
    Join Date
    Aug 2001
    Posts
    2,126

    Fake email targets Red Hat Linux

    LINUX distributor Red Hat has warned about an email scam designed to lure users of its open source software to download a fake update.

    The emails appear to come from Red Hat's security team and urge users to download and run a supposed update from their home directory.

    The update appeared to contain malicious code, Red Had said in an online security advisory.

    "Official messages from the Red Hat security team are never unsolicited, are always sent from the address secalert@redhat.com and are digitally signed by GPG," the advisory said.

    "All official updates for Red Hat products are digitally signed and should not be installed unless they are correctly signed and the signature is verified."
    Source : http://www.news.com.au/common/story_...E15306,00.html
    -Simon \"SDK\"
    Reply With Quote Reply With Quote
  2. October 29th, 2004, 02:09 PM #2
    DjM
    DjM is offline
    I'd rather be fishing DjM's Avatar
    Join Date
    Aug 2001
    Location
    The Great White North
    Posts
    1,867
    Ah.....beat ya SDK

    http://www.antionline.com/showthread...960#post801960

    Cheers:
    DjM
    Reply With Quote Reply With Quote
  3. December 4th, 2004, 05:30 AM #3
    Dew-Worm
    Dew-Worm is offline
    Junior Member
    Join Date
    Nov 2004
    Posts
    10
    Sorry to go off topic here, but they mentioned digitally signed updates (or software for that matter). My question is how do they accomplish this, and wouldn't an attacker be able to generate this same digital code?
    Did I do that??
    Reply With Quote Reply With Quote
« Previous Thread | Next Thread »

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules