|
FYI, I was using my work computer to jigdo-download a debian-stretch-source-DVD-iso to my computer. I was connected to the mirror debian.cc.lehigh.edu. During the transfer, my company's malware/virus filters flagged one of the files that came across. Here are the particulars of the alert: ---------------------------------------------------------- File Name: debian.cc.lehigh.edu/debian/pool/main/d/dbacl/dbacl_1.12.orig.tar.gz MD5: 048d8cf68e277ba2ab5d159dc395a65d Alert: Detected malware using "FSS_AutoMDE_Binary"/Trojan.JS.NoClose.a Reason for scan: On 2017-12-08 05:23:29, we received Fidelis Alert 187851, which indicates that GD-MS system [IP of my laptop] (URL of my laptop) connected to system 128.180.2.105
(debian.cc.lehigh.edu), located in Bethlehem, PA and possibly downloaded malware via the file dbacl_1.12.orig.tar.gz. of the 60 malware detection engines consulted, 23 engines positively identified variants of the Trojan.JS.NoClose.a malware. ---------------------------------------------------------- I read the description of the package and it mentioned that the application contains some functionality for recognizing spam. Perhaps the source code for this functionality
is what triggered the alert? If you have any information one this, can you let me know? Thanks, Warren Hastings This message and/or attachments may include information subject to GD Corporate Policies 07-103 and 07-105 and
is intended to be accessed only by authorized recipients. Use, storage and transmission are governed by General Dynamics and its policies. Contractual restrictions apply to third parties. Recipients should refer to the policies or contract to determine proper
handling. Unauthorized review, use, disclosure or distribution is prohibited. If you are not an intended recipient, please contact the sender and destroy all copies of the original message. |