Slashdot Mirror

← Back to Stories (view on slashdot.org)

Trojan Found in libpcap and tcpdump

Posted by michael on from the when-your-packet-sniffer-won't dept.

msolnik writes "Members of The Houston Linux Users Group discovered that the newest sources of libpcap and tcpdump available from tcpdump.org were contaminated with trojan code. HLUG has notified the maintainers of tcpdump.org. See our reports here or here."

10 of 486 comments (clear)

  1. YOU FAIL IT! by YOU+FAIL+IT! · · Score: -1, Troll

    Thats right, you have FAILED again. Worse, you were DEFEATED by an on topic post! Perhaps you should just give up and end this FAILURE of a life now.

  2. Re:Hmmm by Anonymous Coward · · Score: -1, Troll

    Stop! YOUR COMPUTER is BROADCASTING an IP address

  3. So much for peer auditing? by steve.m · · Score: 1, Troll

    The trojaned code has been around for almost a year, from the project homepage (where most people would go for the source), and nobody spotted it.

    It highlights the fact that a sizeable part of the open source user base either can't read code, or don't want to.

  4. Re:Glad I use Gentoo by Anonymous Coward · · Score: -1, Troll

    click

  5. Re:Eventually, this would happen by yatest5 · · Score: 1, Troll

    And if I don't remember, this happened befrore. Of course this is one of the biggest strenghts of the Open Source Model.
    Code is constantly audited, checked and corrected. If your closed source software has backdoors or trojans...well....who knows but on Open Source is easyly detected.

    Yes, what a strength! Yay for open source! When Windows is released with Trojans in nobody notices! Oh, what, it never has? Oh, they check it before it's burnt to CD do they? Oh, they should adopt these open-source practices so they can release trojan-infected code for their customers to find!

    Really, this is the most pathetic grabbing at strws I have seen, since, oooh, the last open source fuckup reported on slashdot. Accept, the fuckup, shutup and move on.

    --
    • Mod parent up! [a] by Anonymous Coward (Score:5) Thurs, June 31, @13:37
  6. Re:Glad I use Gentoo by Anonymous Coward · · Score: -1, Troll

    but people are usually tight-lipped

    While I would agree that this is generally the case, certain stories suggest this isn't always the case.

  7. Re:as soon as this evening... by jmo_jon · · Score: 1, Troll

    MOD PARENT UP

    he used the word apt_get

  8. Re:This is dreadful by yatest5 · · Score: 1, Troll

    Did Microsoft pay you for lost man-hours when your staff battled Nimda or Code Red? Didn't think so.

    Insightful my ass. Did those virii come distributed with the product? Now you're going to tell me there are ABSOLUTELY NO possible security holes in open source software, ever right? Go on...

    --
    • Mod parent up! [a] by Anonymous Coward (Score:5) Thurs, June 31, @13:37
  9. Re:Eventually, this would happen by Hard_Code · · Score: 1, Troll

    "Don't think for a second that Microsoft hasn't put back doored software onto your computer.. that's already been documented."

    What a load of crap! Internet Explorer saves your URL/Searches! STOP THE PRESSES! Internet Explorer saves cookies and history! BREAKING NEWS! OMIGOD IT'S A CONSPIRACY! Whoa, Microsoft installed "secret" files! How evil! The system attribute has only been around since, uh, DOS 1.0 or something! What a fucking load of breathless alarmism!

    Anybody who has used a Microsoft OS knows about this. Why don't you talk next about "stealth dot files!", or "why Linus Torvalds doesn't want you to cat files in /dev!" or "history file records your actions!"

    --

    It's 10 PM. Do you know if you're un-American?
  10. Re:One too many? by Iamthefallen · · Score: 1, Troll

    So if a Microsoft System gets hacked, it's Microsoft users fault? And if a Linux system gets hacked, it's still Microsoft users fault? Sooo, basically everything is Microsofts fault?

    --
    Wax-Museum Fire Results In Hundreds Of New Danny DeVito Statues