FanJ
November 15th, 2002, 11:32 AM
Hackers drop spyware into popular tool
By Robert Lemos
Staff Writer, CNET News.com
November 14, 2002, 5:27 PM PT
The main Web site for downloading a popular open-source network-monitoring tool remained off-line Thursday following a revelation that rogue hackers had implanted spyware in the latest version of the software.
Copies of tcpdump, a utility for monitoring data traffic on a network, and its library of code, called libpcap, had both been corrupted on the site, said Michael Richardson, Webmaster for the site and a member of the open-source project that maintains the tools.
"The server has been taken down until we can be sure we have found the problem," Richardson said in a phone interview Thursday.
However, other sites had already downloaded the software from the main server and hosted the files on their own computers, a practice known as mirroring. It's unknown how many of these other sites have corrupted copies of the code, Richardson said, although some have already confirmed that they have found the Trojan horse.
Tcpdump is a utility used by Unix, Linux and BSD system administrators to monitor--or "sniff"--the data that passes over the network. Libpcap is a code library that helps programmers write programs to tap into network data on many different platforms.
Read more:
http://news.com.com/2100-1001-965916.html?tag=fd_top
By Robert Lemos
Staff Writer, CNET News.com
November 14, 2002, 5:27 PM PT
The main Web site for downloading a popular open-source network-monitoring tool remained off-line Thursday following a revelation that rogue hackers had implanted spyware in the latest version of the software.
Copies of tcpdump, a utility for monitoring data traffic on a network, and its library of code, called libpcap, had both been corrupted on the site, said Michael Richardson, Webmaster for the site and a member of the open-source project that maintains the tools.
"The server has been taken down until we can be sure we have found the problem," Richardson said in a phone interview Thursday.
However, other sites had already downloaded the software from the main server and hosted the files on their own computers, a practice known as mirroring. It's unknown how many of these other sites have corrupted copies of the code, Richardson said, although some have already confirmed that they have found the Trojan horse.
Tcpdump is a utility used by Unix, Linux and BSD system administrators to monitor--or "sniff"--the data that passes over the network. Libpcap is a code library that helps programmers write programs to tap into network data on many different platforms.
Read more:
http://news.com.com/2100-1001-965916.html?tag=fd_top