We (at Real Time) are seen evidence of Scalper and Slapper, so for your pleasure: + chkrootkit-0.37-realtime.1 - chklastlog.c fix; (thanks to Gerard van Wageningen) - chkproc.c improvements; (thanks to Morohoshi Akihiko, Kostya Kortchinsky and Aaron Sherman) - new rootkits detected: o OpenBSD rk v1 o Illogic rootkit (thanks to Andrey Chernomyrdin) o SK rootkit (thanks to Razvan Cosma) - new worms detected: o Scalper (FreeBSD/Apache chunked encoding worm) o Slapper (Apache/mod_ssl Worm) Since gladiator is still syncing, the RPM will be available here: http://www.tanners.org/~tanner/downloads/RPMS/ The RPM package has been signed with gnupg and my personal key. To get my personal key: $ gpg --recv-key 2CC1B288 To check my personal key: $ gpg --fingerprint 2CC1B288 Key fingerprint = AB15 0BDF BCDE 4369 5B42 1973 7CF1 A709 2CC1 B288 To check the RPM package: $ rpm --checksig <package> -- Bob Tanner <tanner at real-time.com> | Phone : (952)943-8700 http://www.mn-linux.org, Minnesota, Linux | Fax : (952)943-8500 http://www.tcwug.org, Minnesota, Wireless | Coding isn't a crime. Key fingerprint = AB15 0BDF BCDE 4369 5B42 1973 7CF1 A709 2CC1 B288 -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: not available Url : http://shadowknight.real-time.com/pipermail/tclug-list/attachments/20020917/f147e329/attachment.pgp