trojan tcpdump?
Wolfgang S. Rupprecht
wolfgang.rupprecht+gnus200703 at gmail.com
Fri Mar 16 00:53:54 UTC 2007
An FC6 yum update I just did downloaded an unsigned tcpdump rpm.
Seeing how this program is meant to be run as root, it definitely made
me go hmmmm. Whats up with this? Trojan or just a signing slip up?
Yum update log appended. The kicker is in the last logged line.
-wolfgang
# yum update -y
Loading "installonlyn" plugin
Loading "fastestmirror" plugin
Setting up Update Process
Setting up repositories
livna 100% |=========================| 1.1 kB 00:00
core 100% |=========================| 1.1 kB 00:00
updates 100% |=========================| 1.2 kB 00:00
http://fedora.cs.wisc.edu/pub/mirrors/linux/download.fedora.redhat.com/pub/fedora/linux/extras/6/x86_64/repodata/repomd.xml: [Errno 14] HTTP Error 503: Date: Fri, 16 Mar 2007 00:37:09 GMT
Server: Apache
Last-Modified: Tue, 27 Feb 2007 21:02:38 GMT
ETag: "49800094-c15-93ed7780"
Accept-Ranges: bytes
Content-Length: 3093
Connection: close
Content-Type: text/html; charset=ISO-8859-1
Trying other mirror.
extras 100% |=========================| 1.1 kB 00:00
Loading mirror speeds from cached hostfile
Reading repository metadata in from local files
primary.xml.gz 100% |=========================| 522 kB 00:03
updates : ################################################## 1567/1567
Resolving Dependencies
--> Populating transaction set with selected packages. Please wait.
---> Downloading header for ntp to pack into transaction set.
ntp-4.2.4p0-1.fc6.x86_64. 100% |=========================| 33 kB 00:00
---> Package ntp.x86_64 0:4.2.4p0-1.fc6 set to be updated
---> Downloading header for tcpdump to pack into transaction set.
tcpdump-3.9.4-10.fc6.x86_ 100% |=========================| 15 kB 00:00
---> Package tcpdump.x86_64 14:3.9.4-10.fc6 set to be updated
---> Downloading header for libpcap to pack into transaction set.
libpcap-0.9.4-10.fc6.x86_ 100% |=========================| 15 kB 00:00
---> Package libpcap.x86_64 14:0.9.4-10.fc6 set to be updated
--> Running transaction check
Dependencies Resolved
=============================================================================
Package Arch Version Repository Size
=============================================================================
Updating:
libpcap x86_64 14:0.9.4-10.fc6 updates 96 k
ntp x86_64 4.2.4p0-1.fc6 updates 1.4 M
tcpdump x86_64 14:3.9.4-10.fc6 updates 449 k
Transaction Summary
=============================================================================
Install 0 Package(s)
Update 3 Package(s)
Remove 0 Package(s)
Total download size: 2.0 M
Downloading Packages:
(1/3): ntp-4.2.4p0-1.fc6. 100% |=========================| 1.4 MB 00:05
(2/3): tcpdump-3.9.4-10.f 100% |=========================| 449 kB 00:01
(3/3): libpcap-0.9.4-10.f 100% |=========================| 96 kB 00:00
Package tcpdump-3.9.4-10.fc6.x86_64.rpm is not signed
#
More information about the fedora-list
mailing list