 |
Puppy Linux Discussion Forum Puppy HOME page : puppylinux.com "THE" alternative forum : puppylinux.info
|
FAQ
Search
Memberlist
Usergroups
Register
Profile
Log in to check your private messages
Log in|
The time now is Wed 28 Jun 2017, 20:19 All times are UTC - 4 |
 Forum index » Off-Topic Area » Security |
|
mysterious files appeared... computer "seemed" to run slow
|
 
|
View previous topic :: View next topic |
| Page 1 of 1 [9 Posts] |
| Author | Message | ||||||
|---|---|---|---|---|---|---|---|
|
mcewanw
Joined: 16 Aug 2007 Posts: 3153 Location: New Zealand |
mysterious files appeared... computer "seemed" to run slow On Puppy 4.3.1, had been browsing with Seamonkey 1.1.18 May be nothing, but I discovered the following strange folder in /tmp /tmp/plugtmp which contained two files: 1. plugin-crossdomain and 2. plugin-policy File 1 contained:
and File 2:
I don't like the look of the: access-from "*" and to-ports="*"... Perhaps it is nothing, but if it is... If only I weren't so tired I'd set about catching the bastards and seeing if I could throw back some of their own medicine. But please tell me these are well known file, and nothing of concern! :-) I erased the folder (rebooted actually) and all seems fine, though I will spend ten minutes or so soon re-placing the existing pupsave file with my original backup. Not much time lost, but always a waste when trying to develop apps. _________________ SomeOfMyWork with links: dCoreDog weX, scrox, Precord, Premote, fokSyfEyeR, xhippo-mod, flite_hts_pet |
||||||
|
|||||||
 |
|||||||
WhoDo
 Joined: 11 Jul 2006 Posts: 4440 Location: Lake Macquarie NSW Australia |
Part of a global DDoS attack on Amazon. For more information see the following story: Amazon hit with DDoS attack _________________ Actions speak louder than words ... and they usually work when words don't! SIP:whodo@proxy01.sipphone.com; whodo@realsip.com |
||||||
|
|||||||
|
|||||||
|
mcewanw
Joined: 16 Aug 2007 Posts: 3153 Location: New Zealand |
Well..., I doubt that my slow dialup account connection provided them with much ammunition... _________________ SomeOfMyWork with links: dCoreDog weX, scrox, Precord, Premote, fokSyfEyeR, xhippo-mod, flite_hts_pet |
||||||
|
|||||||
|
|||||||
|
amigo
Joined: 02 Apr 2007 Posts: 2590 |
Nice example of how running as root and being online comprises real security risks. Just because you can reboot and not have those things carried over into the reboot, doesn't mean that you aren't contributing to some spambots' shenannigins while up and running.... Usually overlooked in the discussions on security here. |
||||||
|
|||||||
|
|||||||
|
WhoDo
Joined: 11 Jul 2006 Posts: 4440 Location: Lake Macquarie NSW Australia |
The question for me is whether or not mcewanw had his firewall enabled. It's a small but important step that can prevent such things from happening without compromising speed for a dialup connection. Just a thought. _________________ Actions speak louder than words ... and they usually work when words don't! SIP:whodo@proxy01.sipphone.com; whodo@realsip.com |
||||||
|
|||||||
|
|||||||
mikeb
 Joined: 23 Nov 2006 Posts: 11071 |
these are both normal files from flashplayer usage...they allow flashplayer to use data from a site different to the one it is hosted on and they reside in the root of the webserver. I use them for a chatroom myself So they are harmless..... mike |
||||||
|
|||||||
|
|||||||
|
Lobster
Official Crustacean  Joined: 04 May 2005 Posts: 15231 Location: Paradox Realm |
Could we have been saved from these harmless files by:
2. Using GROWL, BSD, TOR or the Navy version of Windows http://www.murga-linux.com/puppy/viewtopic.php?p=335216&search_id=830016334#335216 3. A thicker Tin Hat or other ostrich techniques of head covering 4. Special dispensation from 'The New World Disorder 5. Using the non-existent but highly personlised 'Black Ops Puppy' http://puppylinux.org/wikka/BlackOps. 6. Not using javascript, java, Flash and disconnecting from the Internet This message will self destruct (or be forgotten) in two years [cue Mission Impossible Music] . . . meanwhile Stay safe - Happy New World Order - oops I mean Happy New Year 
_________________ YinYana AI Buddhism |
||||||
|
|||||||
|
|||||||
|
mcewanw
Joined: 16 Aug 2007 Posts: 3153 Location: New Zealand |
Thank you Mike. :-) Of course, had they been other than that, they could and would have been a good example of the dangers to overall system security of running as root whilst online, so your point amigo is well-taken regardless of the outcome here. And firewall settings can help, at least to some extent, against that danger, though not eradicate it. Indeed, though my worries regarding these two files have been eradicated, it remains a concern to me that my system did indeed become insanely sluggish, and though it may very well be a complete coincidence, that sluggishness did appear to coincide with the timing of the amazon DoS attack described. The way computers are, however, I do put that down to likely coincidence... _________________ SomeOfMyWork with links: dCoreDog weX, scrox, Precord, Premote, fokSyfEyeR, xhippo-mod, flite_hts_pet |
||||||
|
|||||||
|
|||||||
|
mikeb
Joined: 23 Nov 2006 Posts: 11071 |
Well perhaps the sluggishness simply came from heavy flash activity..I find flashbock a godsend....some pages have invisible flash running for whatever purposes...you see them with flash block installed . Some pages go from 100%cpu to ticking over just with the flash disabled. Not so much a security issue , more an annoyance. mike |
||||||
|
|||||||
|
|||||||
mysterious files appeared... computer "seemed" to run slow
| Page 1 of 1 [9 Posts] |
|
|
View previous topic :: View next topic |
|
Forum index » Off-Topic Area » Security |
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum You cannot attach files in this forum You can download files in this forum |
Powered by phpBB © 2001, 2005 phpBB Group