From: Ben Davis on 2 Feb 2010 10:29 Hi, I was trying to look up some info on nflog and looked up nflog.sourceforge.net which is the project page. This page has been hacked - I've copied my mail to sf.net below. I've searched up on 'vdlog' and it is clearly *NOT* the new version of nflog, so I'm assuming this is an attempt at a Linux iptables trojan? I have had a quick look on shellbox.fr but I can't find a download link, though I wouldn't be installing it on anything important ;-) (apologies for the html but I think it shows that this is clearly a defacement and I already alerted sourceforge.net to it) --- snip --- <html> <head> <meta name="description" content="Iptables target to log packets via virtual device"> <meta name="keywords" content="nflog linux kernel netfilter iptables target virtual device log packet"> <title>Iptables target NFLOG</title> </head> <h1>Iptables target NFLOG renamed VDLOG available at shellbox.fr</h1> <a href="http://www.shellbox.fr">Here my Homesite</a> </html> --
From: David W. Hodgins on 2 Feb 2010 11:36 On Tue, 02 Feb 2010 10:29:58 -0500, Ben Davis <jameenaziz(a)gmail.com> wrote: > I was trying to look up some info on nflog and looked up > nflog.sourceforge.net which is the project page. This page has been > hacked - I've copied my mail to sf.net below. I've searched up on > 'vdlog' and it is clearly *NOT* the new version of nflog, so I'm > assuming this is an attempt at a Linux iptables trojan? I have had a > quick look on shellbox.fr but I can't find a download link, though I > wouldn't be installing it on anything important ;-) Found a download link on shellbox.fr, http://shellbox.free.fr/files/downloads/vdlog.tgz The files in that are all dated May, 2006. Also found http://code.google.com/p/nflogd/source/browse/trunk/nflogd.cpp which has a last change date of Nov. 2009. No idea which is what, or what the history is, but skimming through the vdlog source, I see no indication of a trojan. Regards, Dave Hodgins -- Change nomail.afraid.org to ody.ca to reply by email. (nomail.afraid.org has been set up specifically for use in usenet. Feel free to use it yourself.)
|
Pages: 1 Prev: Google wants to see client addresses in DNS queries Next: Having a LAN routing issue |