On Sun, 2004-10-24 at 23:56, Paul Iadonisi wrote:
On Sun, 2004-10-24 at 23:52, Mike Klinke wrote:
[snip]
A brief analysis is here:
http://archives.neohapsis.com/archives/fulldisclosure/2004-10/0983.html
And then there's mine I just posted to fedora-devel at http://www.redhat.com/archives/fedora-devel-list/2004-October/msg01288.html.
Heh. I hadn't thought of decrypting it directly.
Something else to note about this fake security alert. Red Hat publishes an SPF record, so for those who are doing inbound SPF checking, this falsification would likely be caught before every hitting any of their inboxes.
va:iadonisi:501) host -t txt redhat.com redhat.com text "v=spf1 mx a:hormel.redhat.com a:sources.redhat.com a:alertmail.redhat.com a:bltn.redhat.com ip4:65.125.54.185 ip4:65.125.54.186 ip4:65.125.54.187 ip4:65.125.54.188 ip4:65.125.54.189 ip4:65.125.54.190 ip4:219.120.63.242 -all"