Virus warning from www.puppylinux.com/manuals.htm

Puppy related raves and general interest that doesn't fit anywhere else
Message
Author
User avatar
prehistoric
Posts: 1744
Joined: Tue 23 Oct 2007, 17:34

who is safe?

#101 Post by prehistoric »

While Barry's experience with Servage furnishes grounds for dismissing these attacks as the result of sheer incompetence there is evidence of similar attacks against a harder target. http://www.theregister.co.uk/2008/03/13 ... _infected/

To quote an understatement of the late mathematician, Paul Erdos, "This is not a trivial problem."

prehistoric

Sage
Posts: 5536
Joined: Tue 04 Oct 2005, 08:34
Location: GB

#102 Post by Sage »

Small Claims Courts cost peanuts and in the unlikely event you lose, there are no costs against you. If you have sworn (notorised) statements from experts in support, the 'little man' invariably wins on 'balance of probability'. Winning is not so much a warm feeling for the individual but helps those that come after and helps to close down the business of bad companies by the adverse publicity. In the UK, you can file online - it's easy. I have been successful against such diverse companies as Ebuyer, Indesit and Parcel Force. In the latter case, it got as far as the bailiffs arriving to remove the CEO's computer - I let him off for a cash alternative. These bullying traders need to be taught a lesson - it's the only way their behaviour can be moderated. These days, when buying goods and asked if I would like an extended warranty (for a vast extra premium). I always decline and tell the salesman "No thank you, I always sue if there's a problem" and insist on him giving me the address of the registered office, to make sure the message gets home.

wingruntled

#103 Post by wingruntled »

Bad News!
I wasn't going to post on this forum any longer because of the lack of securties set by the admin but With fireswalls up!
Here is the log I just got from firestarter when I went to Barry's blog :(
Time: Mar 16 22:54:49 Source: 77-232-84-168.static.servage.net Destination: mke-216-54-***.***.******.com In IF: ppp0 Out IF: Port: 2600 Length: 44 ToS: 0x00 Protocol: TCP Service: Zebrasrv

Bye! and clearing system again!!!!!

wingruntled

#104 Post by wingruntled »

BUMP
due to an SQL error when I posted the above.

User avatar
alienjeff
Posts: 2265
Joined: Sat 08 Jul 2006, 20:19
Location: Winsted, CT - USA

#105 Post by alienjeff »

test
[size=84][i]hangout:[/i] ##b0rked on irc.freenode.net
[i]diversion:[/i] [url]http://alienjeff.net[/url] - visit The Fringe
[i]quote:[/i] "The foundation of authority is based upon the consent of the people." - Thomas Hooker[/size]

oblivious
Posts: 303
Joined: Sat 14 Apr 2007, 05:59
Location: Western Australia

#106 Post by oblivious »

Just came across this:
Posted by: vec7 on 03/10/2008 09:18 PM
Friends, this is the beginning of the new VectorLinux website. This site will be under construction for awhile to rebuild our content. We are pretty much starting from scratch since our database was severely compromised by a hacking group a few days ago. So bear with us content will be added on an ongoing basis.
cheers,
Vec
Maybe Puppy isn't the only one being messed with?

User avatar
BarryK
Puppy Master
Posts: 9392
Joined: Mon 09 May 2005, 09:23
Location: Perth, Western Australia
Contact:

#107 Post by BarryK »

I've been looking at this site:
http://www.webhostingjury.com/
It is customer reviews of web hosts.

I am of course looking at where to move puppylinux.com. One thing, they must accept PayPal, which rules out Netfirms. The reason for PayPal is that it gives you more control, and they can't do an automatic renew. I was with Netfirms and they required that I telephone them in the US to cancel the account -- not at all satisfactory.

Hostgator looks interesting:
http://www.hostgator.com/
...they include SSH, I missed that with Servage.

Godaddy was recommended to me by one person, but the customer reviews are awful.

So, what do you reckon, does Hostgator look good? I want this for my own sites. I have puppylinux.com, goosee.com, plus a couple other small private domains.
For puppylinux.org and some other Puppy domains, there is a separate effort going on to find a better home than Servage.

I think having two separate homes is a good thing. Of course this forum is hosted at yet another place ( -- does John mind if the host is known?)

We need to avoid "all the eggs in one basket".
[url]https://bkhome.org/news/[/url]

Caneri
Posts: 1513
Joined: Tue 04 Sep 2007, 13:23
Location: Canada

#108 Post by Caneri »

Hi Barry,

I looked at http://drupal.org/.
There is lots of recommended hosts on the forum there.

May be of use to you.

I didn't need any phone calls about PayPal here....but I'm on .ca not Netfirms.com...maybe a difference..dunno.

Best,
Eric
[color=darkred][i]Be not afraid to grow slowly, only be afraid of standing still.[/i]
Chinese Proverb[/color]

User avatar
prehistoric
Posts: 1744
Joined: Tue 23 Oct 2007, 17:34

puppylinux.org

#109 Post by prehistoric »

Don't assume puppylinux.org is safe. See this thread. http://www.murga-linux.com/puppy/viewtopic.php?t=27374

Yes, oblivious, you could say others are being messed with, hardly a secret. Here's a report on media reaction to one current wave of attacks. Danchev on PR storm

Even if exploits do not apply to us, a redirect through a search engine can bring others to an infected page. Puppy's page rank makes it a reasonable target for rank manipulation on search engines.

oblivious
Posts: 303
Joined: Sat 14 Apr 2007, 05:59
Location: Western Australia

#110 Post by oblivious »

Yes, oblivious, you could say others are being messed with
The whole thing just makes me feel sick. :cry:

User avatar
prehistoric
Posts: 1744
Joined: Tue 23 Oct 2007, 17:34

feeling ill

#111 Post by prehistoric »

oblivious wrote:The whole thing just makes me feel sick. :cry:
You aren't the first. Now start thinking about how to do something about it. If enough Puppy enthusiasts take action attackers may learn the meaning of this ancient warning: Cave Canem. :!:

Sage
Posts: 5536
Joined: Tue 04 Oct 2005, 08:34
Location: GB

#112 Post by Sage »

Hope that BK is going to appraise us of today's events. Early this morning (GMT), his static blog appeared with a couple of new items about Abiword. Now, it's been replaced by his old interactive blog which stopped with his Feb27 item on XDiff. Presume he's got all this under control?

oblivious
Posts: 303
Joined: Sat 14 Apr 2007, 05:59
Location: Western Australia

#113 Post by oblivious »

Now start thinking about how to do something about it.
I can't even get Puppy to work properly, I wouldn't have a clue :cry:

Sage
Posts: 5536
Joined: Tue 04 Oct 2005, 08:34
Location: GB

#114 Post by Sage »

Return of the Blog!

User avatar
prehistoric
Posts: 1744
Joined: Tue 23 Oct 2007, 17:34

what to do

#115 Post by prehistoric »

@oblivious,

Thinking these problems are only solved by wizardry is part of trouble people generally have in combating them. When you happen across an infected page you can use a right click and "show source" to get the html source which you can submit that to a group which tracks spamming or malware and works to get the culprits shut down. (N.B.: I am not talking about the visible page - which may have distracting pictures. You want to report the URL, the time and the page source.)
@ anyone: I would like to hear suggestions from others about their favorite reporting sites. before I make recommendations.

You don't need much expertise to report a problem to the webmaster if a page on their site takes you someplace you don't want to go. If there is a chance posting a report on a forum could create problems by luring people into a trap you can report directly via PM or email.

By using Puppy you are already reducing your chances of spreading an infection. By restricting the scripts your browser runs you can reduce risk still further. By reporting you can limit damage to others.

The one thing I want to emphasize is that there is no "silver bullet" which destroys all risk! Puppy is not magic, it requires intelligent users - as does any computer system.

prehistoric

jonyo

Re: what to do

#116 Post by jonyo »

Running win on the net is a lost cause.

User avatar
BarryK
Puppy Master
Posts: 9392
Joined: Mon 09 May 2005, 09:23
Location: Perth, Western Australia
Contact:

#117 Post by BarryK »

Sage wrote:Hope that BK is going to appraise us of today's events. Early this morning (GMT), his static blog appeared with a couple of new items about Abiword. Now, it's been replaced by his old interactive blog which stopped with his Feb27 item on XDiff. Presume he's got all this under control?
Yes, it was back for a few hours. I wanted to extract everything from it and create static html pages, and the only way that I knew how to do that is manually, copy-paste.
[url]https://bkhome.org/news/[/url]

oblivious
Posts: 303
Joined: Sat 14 Apr 2007, 05:59
Location: Western Australia

#118 Post by oblivious »

When you happen across an infected page
Well, that's just it - other than being told that I have by people on here, I've never observed any infection/being redirected anywhere/having the virus thingy tell me anything is dodgy.

I asked about reporting the redirection thing on Barry's page on the forum for my (windows) internet security, but got no answer to that.
By using Puppy you are already reducing your chances of spreading an infection.
How? I do not understand how an infection is spread by looking at a web-page. I don't understand how using Puppy would stop something getting onto the Windows partition.

I don't understand why people are looking at source code on webpages (what did the page do?). I don't understand why the trojan downloader didn't work on my computer (a good thing) I don't understand what all of those drug things are doing on puppylinux.org (getting a higher position on google?)

I don't think anybody buys replica cartier watches or standing tall so I don't see the point of spam email.

I really don't belong on the internet. :cry: I think I'll go back to knitting and listening to the wireless.

User avatar
pch.shot
Posts: 24
Joined: Fri 21 Mar 2008, 20:35
Location: Chippawa, Ontario, Canada Puppy 3.01

A few Ideas

#119 Post by pch.shot »

These are two little applications that may be of some use to track down the hackers currports:http://www.nirsoft.net/utils/cports.html
and IPNetInfo:http://www.nirsoft.net/utils/ipnetinfo.html
That way maybe we can find out who the hacker is and kick him in the nuts.
lol, pch
Last edited by pch.shot on Sat 22 Mar 2008, 15:32, edited 1 time in total.

wingruntled

#120 Post by wingruntled »

pch.shot wrote:
That way maybe we can find out who the hacker is and kick him in th nuts.
lol, pch
That is an interesting thought? Maybe have the server have a forced redirect back to itself.
And internal DDOS attack. Interesting thought :roll:

Post Reply