
Re: wont install



On Thu, 2003-10-16 at 23:08, Roberto Sanchez wrote:
> Tom wrote:
> > On Thu, Oct 16, 2003 at 11:01:51PM -0400, Roberto Sanchez wrote:
> > 
> >>stuart whittaker wrote:
> >>
> >>>file will unzip with winzip.
> >>>
> >>>
> >>
> >>Since the message was HTML generated with some M$ tool I would
> >>guess that the attachment contains a virus of some sort.
> >>Maybe we are witnessing fledgling attempts at social engineering
> >>to get Linux users to download and execute viruses?
> >>
> >>Maybe I am just being paranoid.  Anyone want to start a pool and
> >>take bets?
> >>
> > 
> > 
> > I was just thinking that since most people believe "executable 
> > attachments bad; MSWord attachments bad" the smartest thing for virus 
> > writers to do would be to look for buffer exploits in apps and send docs 
> > that exploit those.  What if the mere act of unzipping a zip was the 
> > attack vector?  Since the Windows zip is now a DLL loaded in-process 
> > with explorer.exe, that would be the way to go.
> > 
> > 
> 
> Except that the attachment to the initial message was a .tgz, which
> Windows cannot handle without a third party app.  Had it been a .zip,
> I would have immediately suspected what you said.

The OP says "file will unzip with winzip", so maybe it will.

However, I took the moment to save the file and look at it.  Very
innocuous:
$ tar tvfz dbg_log.tgz
drwxr-xr-x root/root     0 2003-10-16 22:25:47 dbg_log//
-rw-r--r-- root/root 10908 2003-10-16 22:25:47 dbg_log/messages
-r--r--r-- root/root   372 2003-10-16 22:25:47 dbg_log/cpuinfo
-r--r--r-- root/root  2099 2003-10-16 22:25:47 dbg_log/pci
-r--r--r-- root/root   110 2003-10-16 22:25:47 dbg_log/cmdline
-r--r--r-- root/root   188 2003-10-16 22:25:47 dbg_log/partitions
-r--r--r-- root/root   145 2003-10-16 22:25:47 dbg_log/mounts
-r--r--r-- root/root   124 2003-10-16 22:25:47 dbg_log/version
-rw-r--r-- root/root    42 2003-10-16 22:25:47 dbg_log/fstab
-rw-r--r-- root/root   378 2003-10-16 22:25:47 dbg_log/hda.fdisk-dump


-- 
-----------------------------------------------------------------
Ron Johnson, Jr. ron.l.johnson@cox.net
Jefferson, LA USA

"The UN couldn't break up a cookie fight in a Brownie meeting."
Larry Miller
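
The check in the message above (listing the tarball before extracting it) can be scripted so that it also flags the member properties that make an archive unsafe to unpack. This is an added example, not part of the original post; audit_tar, build_sample and both sample archives are constructed here for illustration.

```python
import io, posixpath, stat, tarfile

def audit_tar(fileobj):
    """Return (member name, reason) findings without extracting anything."""
    findings = []
    with tarfile.open(fileobj=fileobj, mode="r:*") as tar:
        for m in tar:
            name = posixpath.normpath(m.name)
            if m.name.startswith("/") or name == ".." or name.startswith("../"):
                findings.append((m.name, "path escapes extraction directory"))
            if m.issym() or m.islnk():
                findings.append((m.name, "link to " + m.linkname))
            elif m.ischr() or m.isblk() or m.isfifo():
                findings.append((m.name, "device or FIFO node"))
            elif not (m.isfile() or m.isdir()):
                findings.append((m.name, "unexpected member type"))
            if m.mode & (stat.S_ISUID | stat.S_ISGID):
                findings.append((m.name, "setuid/setgid bit set"))
            if m.isfile() and m.mode & 0o111:
                findings.append((m.name, "executable bit set"))
    return findings

def build_sample(entries):
    """Build a small .tgz in memory; entries are (name, type, mode, linkname)."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w:gz") as tar:
        for name, typ, mode, linkname in entries:
            info = tarfile.TarInfo(name)
            info.type, info.mode, info.linkname = typ, mode, linkname
            data = b"x" if typ == tarfile.REGTYPE else b""
            info.size = len(data)
            tar.addfile(info, io.BytesIO(data) if data else None)
    buf.seek(0)
    return buf

# Constructed samples: one shaped like the listing in the post, one hostile.
BENIGN = [("dbg_log/", tarfile.DIRTYPE, 0o755, ""),
          ("dbg_log/messages", tarfile.REGTYPE, 0o644, ""),
          ("dbg_log/cpuinfo", tarfile.REGTYPE, 0o444, "")]
HOSTILE = [("dbg_log/../../.bashrc", tarfile.REGTYPE, 0o644, ""),
           ("dbg_log/passwd", tarfile.SYMTYPE, 0o777, "/etc/passwd"),
           ("dbg_log/run", tarfile.REGTYPE, 0o4755, "")]

if __name__ == "__main__":
    for label, entries in (("benign", BENIGN), ("hostile", HOSTILE)):
        for name, reason in audit_tar(build_sample(entries)):
            print(label, name, reason)
```

An empty result means only plain files and directories with ordinary permissions were found; it says nothing about what the files themselves contain.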


