bartong
February 19th, 2010, 02:22 PM
Hi everyone,
During my most recent run of Update Manager I noticed something a little odd - it installed a whole bunch of new packages I had not previously had installed.
Below is part of the output of my History from Synaptic:
Installed the following packages:
alien (8.78)
bsd-mailx (8.1.2-0.20081101cvs-2ubuntu1)
debhelper (7.3.15ubuntu3)
html2text (1.3.2a-14)
intltool-debian (0.35.0+20060710.1)
libmail-sendmail-perl (0.79.16-1)
libqt3-mt (3:3.3.8-b-5ubuntu3)
libqt4-gui (4.5.3really4.5.2-0ubuntu1)
librpm0 (4.7.0-9)
librpmbuild0 (4.7.0-9)
librpmio0 (4.7.0-9)
libsys-hostname-long-perl (1.4-2)
lsb (4.0-0ubuntu5)
lsb-core (4.0-0ubuntu5)
lsb-cxx (4.0-0ubuntu5)
lsb-desktop (4.0-0ubuntu5)
lsb-graphics (4.0-0ubuntu5)
m4 (1.4.13-2)
mailx (1:20081101-2ubuntu1)
ncurses-term (5.7+20090803-2ubuntu2)
pax (1:20090728-1)
po-debconf (1.0.16)
postfix (2.6.5-3)
rpm (4.7.0-9)
What worries me in particular is the installation of alien, bsd-mailx and postfix. Why should I suddenly need these packages? I haven't installed any new applications for months!
I know it sounds paranoid, but could it be possible the repo has somehow been poisoned, and the attacker is trying to turn our machines into spam spewers??
Keen to gauge any thoughts on the matter!
During my most recent run of Update Manager I noticed something a little odd - it installed a whole bunch of new packages I had not previously had installed.
Below is part of the output of my History from Synaptic:
Installed the following packages:
alien (8.78)
bsd-mailx (8.1.2-0.20081101cvs-2ubuntu1)
debhelper (7.3.15ubuntu3)
html2text (1.3.2a-14)
intltool-debian (0.35.0+20060710.1)
libmail-sendmail-perl (0.79.16-1)
libqt3-mt (3:3.3.8-b-5ubuntu3)
libqt4-gui (4.5.3really4.5.2-0ubuntu1)
librpm0 (4.7.0-9)
librpmbuild0 (4.7.0-9)
librpmio0 (4.7.0-9)
libsys-hostname-long-perl (1.4-2)
lsb (4.0-0ubuntu5)
lsb-core (4.0-0ubuntu5)
lsb-cxx (4.0-0ubuntu5)
lsb-desktop (4.0-0ubuntu5)
lsb-graphics (4.0-0ubuntu5)
m4 (1.4.13-2)
mailx (1:20081101-2ubuntu1)
ncurses-term (5.7+20090803-2ubuntu2)
pax (1:20090728-1)
po-debconf (1.0.16)
postfix (2.6.5-3)
rpm (4.7.0-9)
What worries me in particular is the installation of alien, bsd-mailx and postfix. Why should I suddenly need these packages? I haven't installed any new applications for months!
I know it sounds paranoid, but could it be possible the repo has somehow been poisoned, and the attacker is trying to turn our machines into spam spewers??
Keen to gauge any thoughts on the matter!