always check the signatures. if they don't match the ones provided by the vendor or project then its likely that said package is not trustworthy.

-eric

On Feb 23, 2013, at 4:33 PM, Ed wrote:

> it would be good to watch this one:
> 
> SSHD rootkit hitting mainly RPM based Linux distributions
> https://isc.sans.edu/diary/SSHD+rootkit+in+the+wild/15229
> 
> any thoughts from our security oriented folk?
> ---------------------------------------------------
> PLUG-discuss mailing list - PLUG-discuss@lists.phxlinux.org
> To subscribe, unsubscribe, or to change your mail settings:
> http://lists.phxlinux.org/mailman/listinfo/plug-discuss

---------------------------------------------------
PLUG-discuss mailing list - PLUG-discuss@lists.phxlinux.org
To subscribe, unsubscribe, or to change your mail settings:
http://lists.phxlinux.org/mailman/listinfo/plug-discuss