Thu Nov 21 23:26:47 2024
EVENTS
 FREE
SOFTWARE
INSTITUTE
 POLITICS
 JOBS
 MEMBERS'
CORNER
 MAILING
LIST
NYLXS Mailing Lists and Archives
NYLXS Members have a lot to say and share but we don't keep many secrets. Join the Hangout Mailing List and say your peice.

DATE 2012-11-01

HANGOUT

2024-11-21 | 2024-10-21 | 2024-09-21 | 2024-08-21 | 2024-07-21 | 2024-06-21 | 2024-05-21 | 2024-04-21 | 2024-03-21 | 2024-02-21 | 2024-01-21 | 2023-12-21 | 2023-11-21 | 2023-10-21 | 2023-09-21 | 2023-08-21 | 2023-07-21 | 2023-06-21 | 2023-05-21 | 2023-04-21 | 2023-03-21 | 2023-02-21 | 2023-01-21 | 2022-12-21 | 2022-11-21 | 2022-10-21 | 2022-09-21 | 2022-08-21 | 2022-07-21 | 2022-06-21 | 2022-05-21 | 2022-04-21 | 2022-03-21 | 2022-02-21 | 2022-01-21 | 2021-12-21 | 2021-11-21 | 2021-10-21 | 2021-09-21 | 2021-08-21 | 2021-07-21 | 2021-06-21 | 2021-05-21 | 2021-04-21 | 2021-03-21 | 2021-02-21 | 2021-01-21 | 2020-12-21 | 2020-11-21 | 2020-10-21 | 2020-09-21 | 2020-08-21 | 2020-07-21 | 2020-06-21 | 2020-05-21 | 2020-04-21 | 2020-03-21 | 2020-02-21 | 2020-01-21 | 2019-12-21 | 2019-11-21 | 2019-10-21 | 2019-09-21 | 2019-08-21 | 2019-07-21 | 2019-06-21 | 2019-05-21 | 2019-04-21 | 2019-03-21 | 2019-02-21 | 2019-01-21 | 2018-12-21 | 2018-11-21 | 2018-10-21 | 2018-09-21 | 2018-08-21 | 2018-07-21 | 2018-06-21 | 2018-05-21 | 2018-04-21 | 2018-03-21 | 2018-02-21 | 2018-01-21 | 2017-12-21 | 2017-11-21 | 2017-10-21 | 2017-09-21 | 2017-08-21 | 2017-07-21 | 2017-06-21 | 2017-05-21 | 2017-04-21 | 2017-03-21 | 2017-02-21 | 2017-01-21 | 2016-12-21 | 2016-11-21 | 2016-10-21 | 2016-09-21 | 2016-08-21 | 2016-07-21 | 2016-06-21 | 2016-05-21 | 2016-04-21 | 2016-03-21 | 2016-02-21 | 2016-01-21 | 2015-12-21 | 2015-11-21 | 2015-10-21 | 2015-09-21 | 2015-08-21 | 2015-07-21 | 2015-06-21 | 2015-05-21 | 2015-04-21 | 2015-03-21 | 2015-02-21 | 2015-01-21 | 2014-12-21 | 2014-11-21 | 2014-10-21 | 2014-09-21 | 2014-08-21 | 2014-07-21 | 2014-06-21 | 2014-05-21 | 2014-04-21 | 2014-03-21 | 2014-02-21 | 2014-01-21 | 2013-12-21 | 2013-11-21 | 2013-10-21 | 2013-09-21 | 2013-08-21 | 2013-07-21 | 2013-06-21 | 2013-05-21 | 2013-04-21 | 2013-03-21 | 2013-02-21 | 2013-01-21 | 2012-12-21 | 2012-11-21 | 2012-10-21 | 2012-09-21 | 2012-08-21 | 2012-07-21 | 2012-06-21 | 2012-05-21 | 2012-04-21 | 2012-03-21 | 2012-02-21 | 2012-01-21 | 2011-12-21 | 2011-11-21 | 2011-10-21 | 2011-09-21 | 2011-08-21 | 2011-07-21 | 2011-06-21 | 2011-05-21 | 2011-04-21 | 2011-03-21 | 2011-02-21 | 2011-01-21 | 2010-12-21 | 2010-11-21 | 2010-10-21 | 2010-09-21 | 2010-08-21 | 2010-07-21 | 2010-06-21 | 2010-05-21 | 2010-04-21 | 2010-03-21 | 2010-02-21 | 2010-01-21 | 2009-12-21 | 2009-11-21 | 2009-10-21 | 2009-09-21 | 2009-08-21 | 2009-07-21 | 2009-06-21 | 2009-05-21 | 2009-04-21 | 2009-03-21 | 2009-02-21 | 2009-01-21 | 2008-12-21 | 2008-11-21 | 2008-10-21 | 2008-09-21 | 2008-08-21 | 2008-07-21 | 2008-06-21 | 2008-05-21 | 2008-04-21 | 2008-03-21 | 2008-02-21 | 2008-01-21 | 2007-12-21 | 2007-11-21 | 2007-10-21 | 2007-09-21 | 2007-08-21 | 2007-07-21 | 2007-06-21 | 2007-05-21 | 2007-04-21 | 2007-03-21 | 2007-02-21 | 2007-01-21 | 2006-12-21 | 2006-11-21 | 2006-10-21 | 2006-09-21 | 2006-08-21 | 2006-07-21 | 2006-06-21 | 2006-05-21 | 2006-04-21 | 2006-03-21 | 2006-02-21 | 2006-01-21 | 2005-12-21 | 2005-11-21 | 2005-10-21 | 2005-09-21 | 2005-08-21 | 2005-07-21 | 2005-06-21 | 2005-05-21 | 2005-04-21 | 2005-03-21 | 2005-02-21 | 2005-01-21 | 2004-12-21 | 2004-11-21 | 2004-10-21 | 2004-09-21 | 2004-08-21 | 2004-07-21 | 2004-06-21 | 2004-05-21 | 2004-04-21 | 2004-03-21 | 2004-02-21 | 2004-01-21 | 2003-12-21 | 2003-11-21 | 2003-10-21 | 2003-09-21 | 2003-08-21 | 2003-07-21 | 2003-06-21 | 2003-05-21 | 2003-04-21 | 2003-03-21 | 2003-02-21 | 2003-01-21 | 2002-12-21 | 2002-11-21 | 2002-10-21 | 2002-09-21 | 2002-08-21 | 2002-07-21 | 2002-06-21 | 2002-05-21 | 2002-04-21 | 2002-03-21 | 2002-02-21 | 2002-01-21 | 2001-12-21 | 2001-11-21 | 2001-10-21 | 2001-09-21 | 2001-08-21 | 2001-07-21 | 2001-06-21 | 2001-05-21 | 2001-04-21 | 2001-03-21 | 2001-02-21 | 2001-01-21 | 2000-12-21 | 2000-11-21 | 2000-10-21 | 2000-09-21 | 2000-08-21 | 2000-07-21 | 2000-06-21 | 2000-05-21 | 2000-04-21 | 2000-03-21 | 2000-02-21 | 2000-01-21 | 1999-12-21

Key: Value:

Key: Value:

MESSAGE
DATE 2012-11-23
FROM Ruben Safir
SUBJECT Subject: [NYLXS - HANGOUT] Linux security news
http://www.esecurityplanet.com/malware/new-linux-rootkit-uncovered.html

New Linux Rootkit Uncovered

The malware appears to be contract work by an intermediate-level Russian
programmer, according to an analysis by CrowdStrike.
By Jeff Goldman | November 22, 2012

Share

New Linux malware was recently discovered by a user who published its
details on the Full Disclosure mailing list.

"The anonymous poster, who runs a web service, found the rootkit on
company servers after customers said they were redirected to malicious
sites," writes SC Magazine's Danielle Walker.

"The binary is more than 500k, but its size is due to the fact that it
hasn't been stripped (i.e. it was compiled with the debugging
information)," writes Kaspersky's Marta Janus. "Perhaps it's still in
the development stage, because some of the functions don’t seem to be
fully working or they are not fully implemented yet."

"The software nasty targets machines running 64-bit GNU/Linux and a web
server, and acts like a rootkit by hiding itself from administrators,"
writes The Register's John Leyden. "A browser fetching a website served
by the compromised system will be quietly directed via an HTML iframe to
malicious sites loaded with malware to attack the web visitor's machine."

"Considering that this rootkit was used to non-selectively inject
iframes into nginx webserver responses, it seems likely that this
rootkit is part of a generic cyber crime operation and not a targeted
attack," CrowdStrike senior security researcher Georg Wicherski wrote in
a detailed analysis. "However, a Waterhole attack, where a site mostly
visited from a certain target audience is infected, would also be
plausible. Since no identifying strings yielded results in an Internet
search ... it appears that this is not a modification of a publicly
available rootkit. Rather, it seems that this is contract work of an
intermediate programmer with no extensive kernel experience, later
customized beyond repair by the buyer."

"The firm, looking at the tools, techniques and procedures employed and
some background information it could not disclose, suggested the creator
of the rootkit was likely to be Russian," writes TechWeekEurope's Tom
Brewster.

  1. 2012-11-01 Ruben <mrbrklyn-at-panix.com> Re: [NYLXS - HANGOUT] hwo is everyone
  2. 2012-11-01 Ruben <mrbrklyn-at-panix.com> Re: [NYLXS - HANGOUT] hwo is everyone
  3. 2012-11-01 Robert Menes <viewtiful.icchan-at-gmail.com> Re: [NYLXS - HANGOUT] hwo is everyone
  4. 2012-11-01 Kevin Mark <kevin.mark-at-verizon.net> Re: [NYLXS - HANGOUT] hwo is everyone
  5. 2012-11-01 Kevin Mark <kevin.mark-at-verizon.net> Re: [NYLXS - HANGOUT] hwo is everyone
  6. 2012-11-01 From: "Michael L. Richardson" <mlr52-at-michaellrichardson.com> Re: [NYLXS - HANGOUT] hwo is everyone
  7. 2012-11-01 Ruben <mrbrklyn-at-panix.com> Subject: [NYLXS - HANGOUT] kicked out of another forum
  8. 2012-11-01 Elfen Magix <elfen_magix-at-yahoo.com> Re: [NYLXS - HANGOUT] kicked out of another forum
  9. 2012-11-01 Ruben Safir <mrbrklyn-at-panix.com> Re: [NYLXS - HANGOUT] kicked out of another forum
  10. 2012-11-02 Elfen Magix <elfen_magix-at-yahoo.com> Re: [NYLXS - HANGOUT] kicked out of another forum
  11. 2012-11-03 Redpill <redpill-at-rcn.com> Re: [NYLXS - HANGOUT] hwo is everyone
  12. 2012-11-03 Redpill <redpill-at-rcn.com> Re: [NYLXS - HANGOUT] hwo is everyone
  13. 2012-11-03 From: "Michael L. Richardson" <mlr52-at-mycouponmagic.com> Re: [NYLXS - HANGOUT] hwo is everyone
  14. 2012-11-03 Ruben Safir <mrbrklyn-at-panix.com> Re: [NYLXS - HANGOUT] hwo is everyone
  15. 2012-11-03 Ruben Safir <mrbrklyn-at-panix.com> Re: [NYLXS - HANGOUT] hwo is everyone
  16. 2012-11-03 Ruben Safir <mrbrklyn-at-panix.com> Re: [NYLXS - HANGOUT] hwo is everyone
  17. 2012-11-03 Elfen Magix <elfen_magix-at-yahoo.com> Re: [NYLXS - HANGOUT] kicked out of another forum
  18. 2012-11-03 Elfen Magix <elfen_magix-at-yahoo.com> Re: [NYLXS - HANGOUT] hwo is everyone
  19. 2012-11-05 Ruben <mrbrklyn-at-panix.com> Subject: [NYLXS - HANGOUT] pre-election news
  20. 2012-11-05 Ruben <mrbrklyn-at-panix.com> Re: [NYLXS - HANGOUT] kicked out of another forum
  21. 2012-11-05 Ruben <mrbrklyn-at-panix.com> Subject: [NYLXS - HANGOUT] Micheal George
  22. 2012-11-05 Elfen Magix <elfen_magix-at-yahoo.com> Re: [NYLXS - HANGOUT] kicked out of another forum
  23. 2012-11-05 Ruben <mrbrklyn-at-panix.com> Re: [NYLXS - HANGOUT] kicked out of another forum
  24. 2012-11-05 Redpill <redpill-at-rcn.com> Re: [NYLXS - HANGOUT] hwo is everyone
  25. 2012-11-05 Redpill <redpill-at-rcn.com> Re: [NYLXS - HANGOUT] hwo is everyone
  26. 2012-11-05 Ruben <mrbrklyn-at-panix.com> Re: [NYLXS - HANGOUT] hwo is everyone
  27. 2012-11-05 Ruben Safir <mrbrklyn-at-panix.com> Subject: [NYLXS - HANGOUT] city on edge
  28. 2012-11-06 Ruben Safir <mrbrklyn-at-panix.com> Subject: [NYLXS - HANGOUT] [arosen-at-appnexus.com: [MySQL-NYC] AppNexus is Hiring!]
  29. 2012-11-06 Ruben Safir <mrbrklyn-at-panix.com> Subject: [NYLXS - HANGOUT] Cat 5 Cable
  30. 2012-11-06 Ruben Safir <mrbrklyn-at-panix.com> Subject: [NYLXS - HANGOUT] [fegshealth-at-fegshealth.pmailus.com: Apply IMMEDIATELY for
  31. 2012-11-07 Ruben Safir <mrbrklyn-at-panix.com> Subject: [NYLXS - HANGOUT] [groups-noreply-at-linkedin.com: New job Perl Developers - now hiring
  32. 2012-11-07 Contrarian <adrba-at-nyct.net> Re: [NYLXS - HANGOUT] city on edge
  33. 2012-11-07 Contrarian <adrba-at-nyct.net> Re: [NYLXS - HANGOUT] city on edge
  34. 2012-11-07 Contrarian <adrba-at-nyct.net> Re: [NYLXS - HANGOUT] city on edge
  35. 2012-11-07 Contrarian <adrba-at-nyct.net> Re: [NYLXS - HANGOUT] city on edge
  36. 2012-11-07 Ruben Safir <mrbrklyn-at-panix.com> Re: [NYLXS - HANGOUT] city on edge
  37. 2012-11-07 Ruben Safir <mrbrklyn-at-panix.com> Re: [NYLXS - HANGOUT] city on edge
  38. 2012-11-07 Kevin Mark <kevin.mark-at-verizon.net> Re: [NYLXS - HANGOUT] city on edge
  39. 2012-11-08 Ruben Safir <mrbrklyn-at-panix.com> Re: [NYLXS - HANGOUT] city on edge
  40. 2012-11-08 Ruben <mrbrklyn-at-panix.com> Subject: [NYLXS - HANGOUT] Fwd: [MySQL-NYC] Database Month new post-hurricane schedule - next
  41. 2012-11-08 Paul Robert Marino <prmarino1-at-gmail.com> Re: [NYLXS - HANGOUT] kicked out of another forum
  42. 2012-11-08 Ruben Safir <mrbrklyn-at-panix.com> Re: [NYLXS - HANGOUT] kicked out of another forum
  43. 2012-11-08 Paul Robert Marino <prmarino1-at-gmail.com> Re: [NYLXS - HANGOUT] kicked out of another forum
  44. 2012-11-08 Paul Robert Marino <prmarino1-at-gmail.com> Re: [NYLXS - HANGOUT] kicked out of another forum
  45. 2012-11-09 Ruben Safir <mrbrklyn-at-panix.com> Subject: [NYLXS - HANGOUT] city stuff
  46. 2012-11-09 Ruben Safir <mrbrklyn-at-panix.com> Subject: [NYLXS - HANGOUT] tech-nite
  47. 2012-11-09 Ruben Safir <mrbrklyn-at-panix.com> Subject: [NYLXS - HANGOUT] Lets play -what the hell is this!
  48. 2012-11-09 Ruben Safir <mrbrklyn-at-panix.com> Subject: [NYLXS - HANGOUT] [isoc-ny] NEWS RELEASE: Internet Society and its New York Chapter
  49. 2012-11-09 Ruben Safir <mrbrklyn-at-panix.com> Subject: [NYLXS - HANGOUT] [groups-noreply-at-linkedin.com: New job Akamai NOW Hiring in
  50. 2012-11-10 Ruben Safir <mrbrklyn-at-panix.com> Subject: [NYLXS - HANGOUT] [JobAlerts-at-CyberCoders.com: 15+ new php developer jobs in
  51. 2012-11-13 Ruben Safir <mrbrklyn-at-panix.com> Subject: [NYLXS - HANGOUT] Sunday Meeting
  52. 2012-11-15 Ruben Safir <mrbrklyn-at-panix.com> Subject: [mrbrklyn-at-panix.com: [NYLXS - HANGOUT] Sunday Meeting]
  53. 2012-11-17 Ruben Safir <mrbrklyn-at-panix.com> Subject: [mrbrklyn-at-panix.com: [mrbrklyn-at-panix.com: [NYLXS - HANGOUT] Sunday
  54. 2012-11-18 Redpill <redpill-at-rcn.com> Re: [NYLXS - HANGOUT] hwo is everyone
  55. 2012-11-18 Ruben Safir <mrbrklyn-at-panix.com> Re: [NYLXS - HANGOUT] hwo is everyone
  56. 2012-11-18 From: "Redpill" <red.pill-at-verizon.net> Subject: [NYLXS - HANGOUT] test
  57. 2012-11-19 Ruben Safir <mrbrklyn-at-panix.com> Subject: [NYLXS - HANGOUT] Online Privacy
  58. 2012-11-20 Ruben Safir <mrbrklyn-at-panix.com> Subject: [NYLXS - HANGOUT] check out this crackpot
  59. 2012-11-21 From: "Michael L. Richardson" <mlr52-at-michaellrichardson.com> Re: [NYLXS - HANGOUT] check out this crackpot
  60. 2012-11-21 From: "Michael L. Richardson" <mlr52-at-michaellrichardson.com> Re: [NYLXS - HANGOUT] check out this crackpot
  61. 2012-11-22 Ruben Safir <mrbrklyn-at-panix.com> Subject: [NYLXS - HANGOUT] Black friday shopping?
  62. 2012-11-22 From: "Redpill" <red.pill-at-verizon.net> RE: [NYLXS - HANGOUT] Black friday shopping?
  63. 2012-11-22 Ruben Safir <mrbrklyn-at-panix.com> Re: [NYLXS - HANGOUT] Black friday shopping?
  64. 2012-11-23 Ruben Safir <mrbrklyn-at-panix.com> Subject: [NYLXS - HANGOUT] Linux security news
  65. 2012-11-25 Ruben Safir <mrbrklyn-at-panix.com> Subject: [NYLXS - HANGOUT] Apple Patent Lawsuites
  66. 2012-11-26 Ruben <mrbrklyn-at-panix.com> Subject: [NYLXS - HANGOUT] Fwd: Re: [conspire] No Copyright Intended
  67. 2012-11-26 Ruben <mrbrklyn-at-panix.com> Subject: [NYLXS - HANGOUT] New Server
  68. 2012-11-26 Ruben <mrbrklyn-at-panix.com> Subject: [NYLXS - HANGOUT] Fwd: Re: [conspire] (forw) Re: Fwd: Gnome-shell very slow on boot
  69. 2012-11-26 Elfen Magix <elfen_magix-at-yahoo.com> Re: [NYLXS - HANGOUT] New Server
  70. 2012-11-26 Ruben <mrbrklyn-at-panix.com> Re: [NYLXS - HANGOUT] New Server
  71. 2012-11-26 Ruben <mrbrklyn-at-panix.com> Subject: [NYLXS - HANGOUT] Fwd: [isoc-ny] Fwd: [Computers_and_society_announcements] Great upcoming
  72. 2012-11-26 Ruben <mrbrklyn-at-panix.com> Subject: [NYLXS - HANGOUT] Fwd: I think this adequately explains everything
  73. 2012-11-27 Ruben Safir <mrbrklyn-at-panix.com> Subject: [NYLXS - HANGOUT] sttng movie
  74. 2012-11-27 Kevin Mark <kevin.mark-at-verizon.net> Re: [NYLXS - HANGOUT] sttng movie
  75. 2012-11-27 Ruben <mrbrklyn-at-panix.com> Re: [NYLXS - HANGOUT] sttng movie
  76. 2012-11-28 Ruben Safir <mrbrklyn-at-panix.com> Subject: [NYLXS - HANGOUT] server on the last leg
  77. 2012-11-28 swd <sderrick-at-optonline.net> Subject: [NYLXS - HANGOUT] I think this adequately explains everything
  78. 2012-11-29 Ruben Safir <mrbrklyn-at-panix.com> Re: [NYLXS - HANGOUT] sttng movie
  79. 2012-11-30 Kevin Mark <kevin.mark-at-verizon.net> Re: [NYLXS - HANGOUT] sttng movie
  80. 2012-11-30 Ruben Safir <mrbrklyn-at-panix.com> Re: [NYLXS - HANGOUT] sttng movie
  81. 2012-11-30 Kevin Mark <kevin.mark-at-verizon.net> Re: [NYLXS - HANGOUT] sttng movie

NYLXS are Do'ers and the first step of Doing is Joining! Join NYLXS and make a difference in your community today!