Thursday, August 1, 2002, 10:33:28 AM, you wrote: CW> FYI: CW> http://www.mavetju.org/weblog/weblog.php CW> Greetz CW> Christoph CW> -- CW> .-. Ruhr-Universitaet Bochum CW> /v\ L I N U X Lehrstuhl fuer Biophysik CW> // \\ >Penguin Computing< c/o Christoph Wegener CW> /( )\ Gebaeude ND 04/Nord CW> ^^-^^ D-44780 Bochum, GERMANY CW> Tel: +49 (234) 32-25754 Fax: +49 (234) 32-14626 CW> mailto:cwe@bph.ruhr-uni-bochum.de http://www.bph.ruhr-uni-bochum.de here is the reply to an email i sent to Edwin Groothuis <edwin@mavetju.org> a little while ago: -=-=- On Thu, Aug 01, 2002 at 09:31:18AM +0100, x0 wrote:

Hello edwin,

just read your post at http://docs.freebsd.org/cgi/getmsg.cgi?fetch=394609+0+current/freebsd-securi...

not had a chance to look at the trojaned code yet, but what i see from your post at the above address, it looks very similar to a very recent trojaned version of bitchx, and also irssi whitch was trojaned a few months ago. both bitchx and irssi were trojaned on there official distribution sites.

Yups, that was exactly what I thought. Only the way it was done is different (bitchx et al did it via configure, this one via a `normal' file) Edwin -- Edwin Groothuis | Personal website: http://www.MavEtJu.org edwin@mavetju.org | Weblog: http://www.mavetju.org/weblog/weblog.php bash$ :(){ :|:&};: | Interested in MUDs? http://www.FatalDimensions.org/ -=-=- -- Best regards, x0 mailto:x00ck@ntlworld.com