Puppy Linux Discussion Forum Forum Index Puppy Linux Discussion Forum
Puppy HOME page : puppylinux.com
"THE" alternative forum : puppylinux.info
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

The time now is Tue 16 Sep 2014, 13:50
All times are UTC - 4
 Forum index » Off-Topic Area » Security
virus on the puppy forum ?
Post new topic   Reply to topic View previous topic :: View next topic
Page 1 of 1 [14 Posts]  
Author Message
ebiker

Joined: 04 Jan 2010
Posts: 7

PostPosted: Wed 27 Jan 2010, 11:46    Post subject:  virus on the puppy forum ?
Subject description: virus on the puppy forum
 

I was on the puppy forum using windows xp with avg and I got the BIG warning about this site

http://bandstartedsecurity.com/index.php?affid=92001

avg blocked it but I wanted to see what it is.

I fired up my puppy linux computer using an external cd drive through a usb port then disconnected the cd drive.

Got on the net and typed in web address above.

It's a program that says my computer is infected and offers to scan it.

Wow, I played with that virus program then shut puppy down.

Check it out ! It scanned my C hard drive and found over 100 virus on it ( the computer has no hard drives in it ! )

I used this setup with the cd rom, not the flash stick.

http://www.youtube.com/watch?v=CyGtLgHwzV0

P.S. don't let puppy save anything to disk or flash memory doing this

*

Last edited by ebiker on Wed 27 Jan 2010, 19:06; edited 5 times in total
Back to top
View user's profile Send private message 
Flash
Official Dog Handler


Joined: 04 May 2005
Posts: 11062
Location: Arizona USA

PostPosted: Wed 27 Jan 2010, 12:58    Post subject:  

This "warning" has shown up on several Windows computers that were connected to the Puppy Linux forum. It happened to me while I was visiting my brother. Nobody seems to know where it's coming from.
Back to top
View user's profile Send private message 
DMcCunney

Joined: 02 Feb 2009
Posts: 897

PostPosted: Wed 27 Jan 2010, 19:05    Post subject:  

Flash wrote:
This "warning" has shown up on several Windows computers that were connected to the Puppy Linux forum. It happened to me while I was visiting my brother. Nobody seems to know where it's coming from.

"bandstartedsecurity.com" resolves to 85.12.46.15

nslookup for that domain reveals

Code:

% Information related to '85.12.46.0 - 85.12.46.127'

inetnum:        85.12.46.0 - 85.12.46.127
netname:        NL-web10
descr:          Web10 ict services
country:        NL
admin-c:        PL2400-RIPE
tech-c:         TW1148-RIPE
status:         ASSIGNED PA
mnt-by:         EUROACCESS-MNT
source:         RIPE # Filtered

person:         PC Leurink
address:        EuroAccess Enterprises Ltd.
address:        Alsacelaan 5
address:        5627 CA Eindhoven, The Netherlands
phone:          +31 (0)20-7173209
fax-no:         +31 (0)40-2488764
e-mail:         ip-dbm@euroaccess.nl
mnt-by:         EUROACCESS-MNT
nic-hdl:        PL2400-RIPE
source:         RIPE # Filtered

person:         TA Westervoorde
address:        EuroAccess Enterprises Ltd.
address:        Alsacelaan 5
address:        5627 CA Eindhoven, The Netherlands
phone:          +31 (0)20-7173209
fax-no:         +31 (0)40-2488764
e-mail:         ip-dbm@euroaccess.nl
mnt-by:         EUROACCESS-MNT
nic-hdl:        TW1148-RIPE
source:         RIPE # Filtered

% Information related to '85.12.0.0/18AS34305'

route:          85.12.0.0/18
descr:          Euroaccess IPv4
origin:         AS34305
mnt-by:         EUROACCESS-MNT
source:         RIPE # Filtered

Email to abuse@euroacess.nl complaining about virus distribution might be in order...
______
Dennis
Back to top
View user's profile Send private message 
nubc


Joined: 23 Jan 2007
Posts: 1050
Location: USA

PostPosted: Wed 27 Jan 2010, 22:54    Post subject:  

If you are seeing rogue antivirus popups on Puppy Forums, your [Windoze] computer may have a pre-existing virus infection. You should take serious measures to clean your computer, by which I mean, using an antivirus stronger, more effective than AVG, and a malware remover stronger than Malwarebytes Anti-Malware.
Last edited by nubc on Thu 28 Jan 2010, 14:25; edited 1 time in total
Back to top
View user's profile Send private message 
ebiker

Joined: 04 Jan 2010
Posts: 7

PostPosted: Thu 28 Jan 2010, 11:17    Post subject: pop ups  

nubc wrote:
If you are seeing rogue antivirus popups on Puppy Forums, your computer may have a pre-existing virus infection. You should take serious measures to clean your computer, by which I mean, using an antivirus stronger, more effective than AVG, and a malware remover stronger than Malwarebytes Anti-Malware.


I did not see what it would do on the windows computer.

It did not pop up. AVG displayed a warning and blocked it and gave me the address.

To see what it was I typed it in later on a different computer running puppy so I could see what it is and what it does.

AVG only showed a warning. It did not say what it was or what it did.

I used puppy linux power to find that out.

I consider Windows malware ! ! !
Back to top
View user's profile Send private message 
Flash
Official Dog Handler


Joined: 04 May 2005
Posts: 11062
Location: Arizona USA

PostPosted: Thu 28 Jan 2010, 16:24    Post subject:  

Thanks, DMCunny.

It's still not clear to me how it gets sent to someone's computer. Does it come from the Puppy Linux server or what?
Back to top
View user's profile Send private message 
DMcCunney

Joined: 02 Feb 2009
Posts: 897

PostPosted: Thu 28 Jan 2010, 18:35    Post subject:  

nubc wrote:
If you are seeing rogue antivirus popups on Puppy Forums, your [Windoze] computer may have a pre-existing virus infection. You should take serious measures to clean your computer, by which I mean, using an antivirus stronger, more effective than AVG, and a malware remover stronger than Malwarebytes Anti-Malware.

You might not need to go that far. I took at look at the site using Firefox on Windows. As expected, I saw a blank screen. I use the NoScript extension that blocks all scripting activity unless the site being viewed is in a user created whitetlist.

I use Symantec Corporate A/V, and have Malwarebytes anti-malware around, but it never finds anything. I'd be surprised it if it did, since most exploits target IE and bounce off other browsers.
______
Dennis
Back to top
View user's profile Send private message 
DMcCunney

Joined: 02 Feb 2009
Posts: 897

PostPosted: Thu 28 Jan 2010, 18:40    Post subject:  

Flash wrote:
Thanks, DMCunney.
It's still not clear to me how it gets sent to someone's computer. Does it come from the Puppy Linux server or what?

Unlikely. The question is where else people who see this might have visited. There are an assortment of ways to do things like hijack your browser and feed you stuff from unexpected places. Most of them exploit holes in IE and Windows, and bounce off if you run something else. I use Firefox with NoScript under Windows, and don't get bit by that sort of nonsense.

I'd be startled if the Puppy server was hacked and injecting malware.
______
Dennis
Back to top
View user's profile Send private message 
Aitch


Joined: 04 Apr 2007
Posts: 6825
Location: Chatham, Kent, UK

PostPosted: Fri 29 Jan 2010, 20:27    Post subject:  

from my sandboxie in XP/firefox

http://www.mywot.com/en/scorecard/bandstartedsecurity.com

The actual website appears to have been taken down....

Quote:
Server not found

Firefox can't find the server at www.bandstartedsecurity.com.


Absolutely Guaranteed - NOTHING to do with our beloved Puppy forum

just [ Laughing Laughing ] a dangerous exploit site

Aitch Smile
Back to top
View user's profile Send private message 
Flash
Official Dog Handler


Joined: 04 May 2005
Posts: 11062
Location: Arizona USA

PostPosted: Fri 29 Jan 2010, 23:33    Post subject:  

Thanks, Aitch. That's a relief. Smile
Back to top
View user's profile Send private message 
ebiker

Joined: 04 Jan 2010
Posts: 7

PostPosted: Sat 30 Jan 2010, 11:56    Post subject:  

It does appear to be gone. It was very educational for me.

It was fun to play with too.

I have almost no interest in windows anymore. I am a Puppy head now ! ! !

I have not had this much fun learning about computers since my CoCo 6809 OS9 days !

The feeling of having control over my computers has returned ! Very Happy

Thanks, Steve
Back to top
View user's profile Send private message 
linuxsansdisquedur


Joined: 13 Jan 2009
Posts: 250
Location: South of France

PostPosted: Mon 22 Feb 2010, 17:29    Post subject:    

BE CARREFUL SKYNET SLEEP IN PUPPY FORUM...............................................
ANY WINDOWS USER CONNECTED GOTTA BE TERMINATED..........................
USE PUPPY TO PRESERVE HUMANITY...................................................................

_________________
le max avec le min
Back to top
View user's profile Send private message 
Aitch


Joined: 04 Apr 2007
Posts: 6825
Location: Chatham, Kent, UK

PostPosted: Mon 22 Feb 2010, 18:31    Post subject:  

Do we need a Terminator.pet, then? Wink Laughing

Aitch Smile
Back to top
View user's profile Send private message 
`f00


Joined: 06 Nov 2008
Posts: 809
Location: the Western Reserve

PostPosted: Tue 23 Feb 2010, 20:03    Post subject:
Subject description: mmmJL
 

a True_Lies.sfs would be my choice (i<3levity)
Back to top
View user's profile Send private message 
Display posts from previous:   Sort by:   
Page 1 of 1 [14 Posts]  
Post new topic   Reply to topic View previous topic :: View next topic
 Forum index » Off-Topic Area » Security
Jump to:  

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Powered by phpBB © 2001, 2005 phpBB Group
[ Time: 0.0807s ][ Queries: 12 (0.0035s) ][ GZIP on ]