All times are UTC - 4 |
| Author |
Message |
MU

Joined: 24 Aug 2005 Posts: 13642 Location: Karlsruhe, Germany
|
Posted: Sat 07 Nov 2009, 13:56 Post subject:
[ALERT?] (probably) trojan keylogger reported. Subject description: DO activate Puppy's firewall!
|
I think these are the first reliable indicators of infected Puppy Linux installations.
http://www.murga-linux.com/puppy/viewtopic.php?p=358515#358515
Update: that one seems to be a false alert, see Pizzasgood's explanation:
http://www.murga-linux.com/puppy/viewtopic.php?p=359164#359164
In all other cases in the past, I think we had false alerts.
You can install the firewall from the menu, or by typing:
firewallinstallshell
If you choose "automatic installation", it is very easy.
Mark
_________________ my recommended links
Last edited by MU on Sat 07 Nov 2009, 14:47; edited 2 times in total
|
|
|
|
 |
Pizzasgood

Joined: 04 May 2005 Posts: 6270 Location: Knoxville, TN, USA
|
Posted: Sat 07 Nov 2009, 14:35 Post subject:
|
|
I don't know about the first one, but the second one seems to be a false positive. The scanner got confused by our use of busybox.
_________________ Between depriving a man of one hour from his life and depriving him of his life there exists only a difference of degree. --Muad'Dib

|
|
|
|
 |
MU

Joined: 24 Aug 2005 Posts: 13642 Location: Karlsruhe, Germany
|
Posted: Sat 07 Nov 2009, 14:43 Post subject:
|
|
Thanks for the clarification, Jeremy.
The first one looks strange. No idea at the moment...
Mark
_________________ my recommended links
|
|
|
|
 |
Patriot

Joined: 15 Jan 2009 Posts: 734
|
Posted: Sat 07 Nov 2009, 14:57 Post subject:
|
|
Hmmm .....
MU,
I concur with Pizzasgood ...
I've tested chkrootkit on my system and it gives the exact output as reported in the second link. I also have just rebuilt busybox 1.15.2 from source and chkrootkit gives the same output ... So, I agree it's a false alarm ...
From what I understand, rootkits may get installed if one unwittingly uses a package from unreliable download sources ...
Rgds
|
|
|
|
 |
PaulBx1
Joined: 16 Jun 2006 Posts: 2308 Location: Wyoming, USA
|
Posted: Mon 09 Nov 2009, 12:14 Post subject:
|
|
Since Puppy is supposed to be newbie-friendly, I've always wondered why the user has to invoke the firewall startup (and thus, has to KNOW to invoke it). Why not just have it running by default, even when booting pfix=ram?
|
|
|
|
 |
sikpuppy

Joined: 29 Mar 2009 Posts: 433
|
Posted: Tue 10 Nov 2009, 00:10 Post subject:
|
|
PaulBx1 wrote:
> Since Puppy is supposed to be newbie-friendly, I've always wondered why the user has to invoke the firewall startup (and thus, has to KNOW to invoke it). Why not just have it running by default, even when booting pfix=ram?
It would be nice, but what would be the default settings? Just enough to run the software contained on the LIVE CD?
What happens when the user installs extra PETs that need firewall access? It means that a new set of rules would have to be supplied by the PET packager, or the user would have to set the rules themselves.
The network wizard would also have to modify the firewall, which in itself might not be problematic, but at this stage I fear that the firewall would block initial attempts to gain a connection.
BTW I think that it is a good idea to have the firewall on and locked down by default, I am just playing devil's advocate.
_________________ ASUS A1000, 800Mhz PIII Coppermine!, 192Mb RAM, 10Gb IBM Travelstar HDD, Build date August 2001.
|
|
|
|
 |