FYI, Malware at Fedora-RedHat.COM ...

W. Guy Thomas mrguytx at austin.rr.com
Mon Oct 25 03:27:21 UTC 2004 

On Sun, 2004-10-24 at 23:08 -0400, Kevin J. Cummings wrote:
> Brian Fahrlander wrote:
> > On Sun, 2004-10-24 at 18:30, Bryan J. Smith wrote:
> > 
> >>FYI, I received an e-mail from the U of Texas at Arlington (see e-mail
> >>header portion in the first post below) that gave me instructions on a
> >>patch.  I haven't tried it, but given the approach, I can only assume
> >>it's some sort of malware.  It's a rather lame attempt too.
> >>
> >>At first I thought it just was someone in a LUG messing with me.  I
> >>didn't want to turn this stuff over to Red Hat if it was just an
> >>individual having fun with only me.  But it appears that people on the
> >>OpenBSD list have been getting them too.
> >>
> >>I'm sure the trademark in the domain name makes this easy if all other
> >>attempts to shut the site down fail.
> >>
> >>Posts to LEAPLIST/NTLUG I made with more details (including the e-mail
> >>header):  
> >> http://lists.leap-cf.org/pipermail/leaplist/2004-October/040716.html
> >>http://ntlug.org/pipermail/discuss/Week-of-Mon-20041018/022702.html
> >>
> >>First confirmation that it is public:  
> >> http://lists.leap-cf.org/pipermail/leaplist/2004-October/040722.html
> >>http://ntlug.org/pipermail/discuss/Week-of-Mon-20041018/022705.html
> >>
> >>Other follow-ups:  
> >> http://lists.leap-cf.org/pipermail/leaplist/2004-October/040717.html
> >>http://lists.leap-cf.org/pipermail/leaplist/2004-October/040719.html
> >>http://ntlug.org/pipermail/discuss/Week-of-Mon-20041018/022703.html
> >>
> >>The actual site:  
> >> http://www.fedora-redhat.com/  
> > 
> > 
> >     Good man, for reporting it. It's good to pass around this kind of
> > information.
> > 
> > 
> 
> Here's some info on the "domain"
> 
> > ]# whois fedora-redhat.com
> > [Querying whois.internic.net]
> > [Redirected to whois.melbourneit.com]
> > [Querying whois.melbourneit.com]
> > [whois.melbourneit.com]
> >  
> > Domain Name.......... fedora-redhat.com
> >   Creation Date........ 2004-10-24
> >   Registration Date.... 2004-10-24
> >   Expiry Date.......... 2005-10-24
> >   Organisation Name.... Raymond Jackson
> >   Organisation Address. 224 Cedar Avenue
> >   Organisation Address.
> >   Organisation Address. New York
> >   Organisation Address. 95301
> >   Organisation Address. NY
> >   Organisation Address. UNITED STATES
> >  
> > Admin Name........... Raymond Jackson
> >   Admin Address........ 224 Cedar Avenue
> >   Admin Address........
> >   Admin Address........ New York
> >   Admin Address........ 95301
> >   Admin Address........ NY
> >   Admin Address........ UNITED STATES
> >   Admin Email.......... rayjackson23 at yahoo.com
> >   Admin Phone.......... +1.2098994533
> >   Admin Fax............
> >  
> > Tech Name............ YahooDomains TechContact
> >   Tech Address......... 701 First Ave.
> >   Tech Address.........
> >   Tech Address......... Sunnyvale
> >   Tech Address......... 94089
> >   Tech Address......... CA
> >   Tech Address......... UNITED STATES
> >   Tech Email........... domain.tech at YAHOO-INC.COM
> >   Tech Phone........... +1.6198813096
> >   Tech Fax............. +1.6198813010
> >   Name Server.......... yns1.yahoo.com
> >   Name Server.......... yns2.yahoo.com
> >  
> 
> 
> -- 
> Kevin J. Cummings
> kjchome at rcn.com
> cummings at kjchome.homeip.net
> cummings at kjc386.framingham.ma.us
> 
ok time for you new yorkers to take some digital cams and start taking
pics...

stalk and freak.

=G

22:26:49 up 51 min, 2 users, load average: 2.40, 2.30, 1.99

More information about the fedora-list mailing list