How much effor would be required to update DUCLING to include use the newer version of FreeS/wan? I would guess not a lot. By updating the potential problems are removed and a better version is obtained.
Besides maybe needing a second diskette any reason that the external interface be analog modem instead of an ethernet connection? The reason I ask someone asked me, so thought would ask here. Thank you. Larry Platzek [EMAIL PROTECTED] On Mon, 11 Feb 2002, Charles Steinkuehler wrote: > Date: Mon, 11 Feb 2002 10:45:42 -0600 > From: Charles Steinkuehler <[EMAIL PROTECTED]> > To: Duncan Napier <[EMAIL PROTECTED]> > Cc: [EMAIL PROTECTED] > Subject: [Leaf-user] Re: Obsidian.E virus? > > > > Message: 1 > > > Date: Fri, 8 Feb 2002 08:21:49 -0600 > > > > > > I have been informed that Panda Antyvirus Platinum on Windows XP reports > > > that the file /usr/bin/tr contained as part of ipsec.lrp (apparently > version > > > 1.5 or earlier, since there is no tr command included in my latest ipsec > > > 1.91 package) is infected by the Linux/Obsidian.E virus. > > > > > > I'm currently trying to verify this, and track down exactly what the > > > Obsidian virus is supposed to do. If anyone has any information on this > > > virus, or can help verify the file is/is not infected, I would greatly > > > appreciate it. > > > > > > I currently have no idea if this is simply a false positive, or if there > is > > > actually a problem, but wanted to let everyone know just in case. > > > > > Any news on the status of this? I am somewhat concerned too, since the > > DUCLING release uses the Eigerstein FreeS/WAN 1.5 distribution. > > > > It is now available at LEAF: > > > > http://sourceforge.net/project/showfiles.php?group_id=13751 > > > > courtey of Mike Noyes. Should I ask for it to be taken down? > > No, I think everything is OK. > > For those concerned about the reported Obsidian virus contained in the > /usr/bin/tr utility of my IPSec packages, here's the current status: > > - Marcin Bulandra reported that Panda Antyvirus Platinum on his Windows XP > machhine listed /usr/bin/tr (contained within the ipsec.lrp tar.gz file) as > being infected with the Obsidian.E virus. > > - Several folks have checked this file with alternate virus scanners, and > the file is not listed as infected > > - The information I have been able to gather online indicates that > Obsidian.E is a linux elf virus, which infects files by pre-pending it's apx > 8K virus payload to an executable file, creating a file with two elf headers > (one for the original file, and one for the virus. > > - Examination of the file in question indicates only a single elf header > > - The file-size (19008 bytes) does not seem to allow for an 8K virus > payload...this is one of the smallest tr binaries on any of my systems. > > - Examination of the output of strace does not reveal anything that looks > out of the ordinary (ie virus code running prior to the actual tr functions) > when running the tr utility > > I suspect at this point that something about how Panda Antyvirus Platinum is > scanning files for the Obsidian virus yields a false positive for the tr > binary included in my older IPSec packages. > > Charles Steinkuehler > http://lrp.steinkuehler.net > http://c0wz.steinkuehler.net (lrp.c0wz.com mirror) > > > > _______________________________________________ > Leaf-user mailing list > [EMAIL PROTECTED] > https://lists.sourceforge.net/lists/listinfo/leaf-user > _______________________________________________ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
