Puppy Linux Discussion Forum Forum Index Puppy Linux Discussion Forum
Puppy HOME page : puppylinux.com
"THE" alternative forum : puppylinux.info
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

The time now is Wed 26 Nov 2014, 13:23
All times are UTC - 4
 Forum index » Taking the Puppy out for a walk » Misc
Virus warning from www.puppylinux.com/manuals.htm
Moderators: Flash, JohnMurga
Post_new_topic   Reply_to_topic View_previous_topic :: View_next_topic
Page 2 of 10 Posts_count   Goto page: Previous 1, 2, 3, 4, ..., 8, 9, 10 Next
Author Message
alienjeff


Joined: 08 Jul 2006
Posts: 2291
Location: Winsted, CT - USA

PostPosted: Sat 01 Mar 2008, 07:49    Post_subject:  

From http://malwaredomains.com/?tag=fake-codecs

DNS Blocklist Update 12/29
Posted on December 29th, 2007 in New Domains, Storm Worm, fake codecs by dglosser

Added: storm worm domains, rogue antivirus, fake codecs

e-learningcenter.ru flashupdate.net
googl.name health-hack.com
home-xxx.com jkh-novgorod.ru
juhost.ru l0calh0st.jino-net.ru
natural-amber.com newyearwithlove.com
orentraff.cn qarchive.net
s0s1.net taktomi.ru
traffurl.ru trffc.org
vip-ddos.org x5x.ru
xll-g.com milk0soft.com
xmaturelife.com


updates are located at http://www.malwaredomains.com/updates
The full files are located at: http://www.malwaredomains.com/files

BOOT file is in MS DNS format
spywaredomains.zones file is in BIND Server format
domains.txt file is the complete list along with original reference

_________________
hangout: ##b0rked on irc.freenode.net
diversion: http://alienjeff.net - visit The Fringe
quote: "The foundation of authority is based upon the consent of the people." - Thomas Hooker

Back to top
View user's profile Send_private_message 
Caneri

Joined: 04 Sep 2007
Posts: 1580
Location: Canada

PostPosted: Sat 01 Mar 2008, 09:55    Post_subject:  

Hey thanks AJ,

I've been getting a huge spike in traffic out of .ru

It says it's from puppyrus but I will definitely look much closer at this.

Eric

_________________
Be not afraid to grow slowly, only be afraid of standing still.
Chinese Proverb

Back to top
View user's profile Send_private_message 
wingruntled

Joined: 20 Feb 2007
Posts: 287
Location: Great Lakes

PostPosted: Sat 01 Mar 2008, 12:15    Post_subject:  

Where is Barry?
The manual page is still infected.
Back to top
View user's profile Send_private_message 
alienjeff


Joined: 08 Jul 2006
Posts: 2291
Location: Winsted, CT - USA

PostPosted: Sat 01 Mar 2008, 13:54    Post_subject:  

wingruntled wrote:
Where is Barry?

Where's the emoticon for "bites down on tongue?"

_________________
hangout: ##b0rked on irc.freenode.net
diversion: http://alienjeff.net - visit The Fringe
quote: "The foundation of authority is based upon the consent of the people." - Thomas Hooker

Back to top
View user's profile Send_private_message 
purple_ghost

Joined: 09 Nov 2005
Posts: 414

PostPosted: Sat 01 Mar 2008, 14:20    Post_subject: Question is:  

For the ordinary users. Have we been left with a Trojan in Puppy Linux iitself? Did I download a working Trojan with the manual? Should I rebuild by pup_save file?
_________________
Google Search of Forum: http://wellminded.com/puppy/pupsearch.html
Back to top
View user's profile Send_private_message 
Caneri

Joined: 04 Sep 2007
Posts: 1580
Location: Canada

PostPosted: Sat 01 Mar 2008, 14:30    Post_subject:  

I don't know who runs puppyrus but they should be informed also about this.

Eric

_________________
Be not afraid to grow slowly, only be afraid of standing still.
Chinese Proverb

Back to top
View user's profile Send_private_message 
wingruntled

Joined: 20 Feb 2007
Posts: 287
Location: Great Lakes

PostPosted: Sat 01 Mar 2008, 17:35    Post_subject: Re: Question is:  

purple_ghost wrote:
For the ordinary users. Have we been left with a Trojan in Puppy Linux iitself? Did I download a working Trojan with the manual? Should I rebuild by pup_save file?

There shouldn't be any problem with your pup_save.
This is yet another windows base trojan.
http://www.bluetack.co.uk/forums/lofiversion/index.php/t18052.html
Back to top
View user's profile Send_private_message 
alienjeff


Joined: 08 Jul 2006
Posts: 2291
Location: Winsted, CT - USA

PostPosted: Sun 02 Mar 2008, 11:30    Post_subject: Re: Stupid Question  

It has been just shy of 22-hours since biting my tongue regarding this matter. Though The Tongue is now unleashed, I'll measure my words - all in the interest of deliberately attempting to be constructive.

Any word back from Barry? It's Sunday morning, east coast USA time, and several pages on puppylinux.com still carry and propagate this IFRAME exploit.

I've just sent a PM to both LobsterEd and Barry regarding this, and a backup email to LobsterEd.

FYI, Barry's last post on this forum was date/time stamped Mon Feb 25, 2008 9:34 pm (east coast USA), though I seem to remember seeing him listed on-line since then. LobsterEd was logged on this forum when I was commenting here.

_________________
hangout: ##b0rked on irc.freenode.net
diversion: http://alienjeff.net - visit The Fringe
quote: "The foundation of authority is based upon the consent of the people." - Thomas Hooker

Back to top
View user's profile Send_private_message 
wingruntled

Joined: 20 Feb 2007
Posts: 287
Location: Great Lakes

PostPosted: Sun 02 Mar 2008, 14:06    Post_subject:  

Quote:
The Tongue is now unleashed,

Well that wasn't so bad. I was expecting my LCD to turn blazing red. LOL
Thanks for that list of domains. Looks like I'm going to do some more editing on my windows hosts file just to stay a little bit safer.
Back to top
View user's profile Send_private_message 
alienjeff


Joined: 08 Jul 2006
Posts: 2291
Location: Winsted, CT - USA

PostPosted: Mon 03 Mar 2008, 15:55    Post_subject:  

To date, this is the only official public response I've been able find:
Quote:
"Notice: this static webpage is temporarily replacing my WordPress blog until I can sort out a security hole in my site (hosted by servage.net)."


And now, this just in from the official Puppy Linux news desk:


_________________
hangout: ##b0rked on irc.freenode.net
diversion: http://alienjeff.net - visit The Fringe
quote: "The foundation of authority is based upon the consent of the people." - Thomas Hooker

Back to top
View user's profile Send_private_message 
prehistoric


Joined: 23 Oct 2007
Posts: 1304

PostPosted: Mon 03 Mar 2008, 18:07    Post_subject: new vision  

With apologies to Lobster. Laughing
omg.jpg
 Description   Ask AJ where he got it
 Filesize   24.38 KB
 Viewed   1327 Time(s)

omg.jpg

Back to top
View user's profile Send_private_message 
Wolf Pup

Joined: 27 Apr 2006
Posts: 637

PostPosted: Mon 03 Mar 2008, 18:38    Post_subject:  

AJ, where those once real monkeys? Question

BTW, until Barry comes back and fixes the web page, anyone using Internet explorer should disable the IFRAME by:

Starting Internet Explorer then go to -
Tools - Internet Options - Security Tab - Click "Custom Level"

Scroll down till you see:
Launching programs and files in a IFrame = Disable

Then press OK to all, and restart. That IFRAME exploit should stop redirecting after this.

_________________

Visit The Repository - Helpful and hard-to-find treats for Puppy 3.
Click Here for Puppy Support Chat, + Helpful Links.
Back to top
View user's profile Send_private_message 
trapster


Joined: 28 Nov 2005
Posts: 2027
Location: Maine, USA

PostPosted: Mon 03 Mar 2008, 19:28    Post_subject:  

Internet Explorer?????

Wassat?

_________________
trapster
Maine, USA

Asus eeepc 1005HA PU1X-BK
Frugal install: Puppeee4.31 + 1.0, Puppy4.10 + Lupu52
Currently using Slacko AND lupu52 w/ fluxbox
Back to top
View user's profile Send_private_message Visit_website 
wingruntled

Joined: 20 Feb 2007
Posts: 287
Location: Great Lakes

PostPosted: Mon 03 Mar 2008, 20:19    Post_subject:  

Wolf Pup
Barry was here in the forums yesterday. The pages on his domain were fixed directly after. I imagine he had quite a few PM's about the problem. He took his blog down and put up a temporary explaining what part of the problem was.
Back to top
View user's profile Send_private_message 
alienjeff


Joined: 08 Jul 2006
Posts: 2291
Location: Winsted, CT - USA

PostPosted: Mon 03 Mar 2008, 20:41    Post_subject:  

Wolf Pup wrote:
AJ, where those once real monkeys?

Assuming you meant "were" and not "where," no. Those were once real giraffe. Amazing transformation, wouldn't you say?

Thanks for posting that IE tip. That should help keep the IFRAME wolves at bay for those hapless souls still shackled by the Curse of Redmond.

_________________
hangout: ##b0rked on irc.freenode.net
diversion: http://alienjeff.net - visit The Fringe
quote: "The foundation of authority is based upon the consent of the people." - Thomas Hooker

Back to top
View user's profile Send_private_message 
Display_posts:   Sort by:   
Page 2 of 10 Posts_count   Goto page: Previous 1, 2, 3, 4, ..., 8, 9, 10 Next
Post_new_topic   Reply_to_topic View_previous_topic :: View_next_topic
 Forum index » Taking the Puppy out for a walk » Misc
Jump to:  

Rules_post_cannot
Rules_reply_cannot
Rules_edit_cannot
Rules_delete_cannot
Rules_vote_cannot
You cannot attach files in this forum
You can download files in this forum


Powered by phpBB © 2001, 2005 phpBB Group
[ Time: 0.0823s ][ Queries: 13 (0.0091s) ][ GZIP on ]