Puppy Linux Discussion Forum Forum Index Puppy Linux Discussion Forum
Puppy HOME page : puppylinux.com
"THE" alternative forum : puppylinux.info
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

The time now is Wed 20 Aug 2014, 03:03
All times are UTC - 4
 Forum index » Off-Topic Area » Security
virus on the puppy forum ?
Post_new_topic   Reply_to_topic View_previous_topic :: View_next_topic
Page 1 of 1 Posts_count  
Author Message
ebiker

Joined: 04 Jan 2010
Posts: 7

PostPosted: Wed 27 Jan 2010, 11:46    Post_subject:  virus on the puppy forum ?
Sub_title: virus on the puppy forum
 

I was on the puppy forum using windows xp with avg and I got the BIG warning about this site

http://bandstartedsecurity.com/index.php?affid=92001

avg blocked it but I wanted to see what it is.

I fired up my puppy linux computer using an external cd drive through a usb port then disconnected the cd drive.

Got on the net and typed in web address above.

It's a program that says my computer is infected and offers to scan it.

Wow, I played with that virus program then shut puppy down.

Check it out ! It scanned my C hard drive and found over 100 virus on it ( the computer has no hard drives in it ! )

I used this setup with the cd rom, not the flash stick.

http://www.youtube.com/watch?v=CyGtLgHwzV0

P.S. don't let puppy save anything to disk or flash memory doing this

*

Edited_times_total
Back to top
View user's profile Send_private_message 
Flash
Official Dog Handler


Joined: 04 May 2005
Posts: 11011
Location: Arizona USA

PostPosted: Wed 27 Jan 2010, 12:58    Post_subject:  

This "warning" has shown up on several Windows computers that were connected to the Puppy Linux forum. It happened to me while I was visiting my brother. Nobody seems to know where it's coming from.
Back to top
View user's profile Send_private_message 
DMcCunney

Joined: 02 Feb 2009
Posts: 897

PostPosted: Wed 27 Jan 2010, 19:05    Post_subject:  

Flash wrote:
This "warning" has shown up on several Windows computers that were connected to the Puppy Linux forum. It happened to me while I was visiting my brother. Nobody seems to know where it's coming from.

"bandstartedsecurity.com" resolves to 85.12.46.15

nslookup for that domain reveals

Code:

% Information related to '85.12.46.0 - 85.12.46.127'

inetnum:        85.12.46.0 - 85.12.46.127
netname:        NL-web10
descr:          Web10 ict services
country:        NL
admin-c:        PL2400-RIPE
tech-c:         TW1148-RIPE
status:         ASSIGNED PA
mnt-by:         EUROACCESS-MNT
source:         RIPE # Filtered

person:         PC Leurink
address:        EuroAccess Enterprises Ltd.
address:        Alsacelaan 5
address:        5627 CA Eindhoven, The Netherlands
phone:          +31 (0)20-7173209
fax-no:         +31 (0)40-2488764
e-mail:         ip-dbm@euroaccess.nl
mnt-by:         EUROACCESS-MNT
nic-hdl:        PL2400-RIPE
source:         RIPE # Filtered

person:         TA Westervoorde
address:        EuroAccess Enterprises Ltd.
address:        Alsacelaan 5
address:        5627 CA Eindhoven, The Netherlands
phone:          +31 (0)20-7173209
fax-no:         +31 (0)40-2488764
e-mail:         ip-dbm@euroaccess.nl
mnt-by:         EUROACCESS-MNT
nic-hdl:        TW1148-RIPE
source:         RIPE # Filtered

% Information related to '85.12.0.0/18AS34305'

route:          85.12.0.0/18
descr:          Euroaccess IPv4
origin:         AS34305
mnt-by:         EUROACCESS-MNT
source:         RIPE # Filtered

Email to abuse@euroacess.nl complaining about virus distribution might be in order...
______
Dennis
Back to top
View user's profile Send_private_message 
nubc


Joined: 23 Jan 2007
Posts: 1033
Location: USA

PostPosted: Wed 27 Jan 2010, 22:54    Post_subject:  

If you are seeing rogue antivirus popups on Puppy Forums, your [Windoze] computer may have a pre-existing virus infection. You should take serious measures to clean your computer, by which I mean, using an antivirus stronger, more effective than AVG, and a malware remover stronger than Malwarebytes Anti-Malware.
Edited_time_total
Back to top
View user's profile Send_private_message 
ebiker

Joined: 04 Jan 2010
Posts: 7

PostPosted: Thu 28 Jan 2010, 11:17    Post_subject: pop ups  

nubc wrote:
If you are seeing rogue antivirus popups on Puppy Forums, your computer may have a pre-existing virus infection. You should take serious measures to clean your computer, by which I mean, using an antivirus stronger, more effective than AVG, and a malware remover stronger than Malwarebytes Anti-Malware.


I did not see what it would do on the windows computer.

It did not pop up. AVG displayed a warning and blocked it and gave me the address.

To see what it was I typed it in later on a different computer running puppy so I could see what it is and what it does.

AVG only showed a warning. It did not say what it was or what it did.

I used puppy linux power to find that out.

I consider Windows malware ! ! !
Back to top
View user's profile Send_private_message 
Flash
Official Dog Handler


Joined: 04 May 2005
Posts: 11011
Location: Arizona USA

PostPosted: Thu 28 Jan 2010, 16:24    Post_subject:  

Thanks, DMCunny.

It's still not clear to me how it gets sent to someone's computer. Does it come from the Puppy Linux server or what?
Back to top
View user's profile Send_private_message 
DMcCunney

Joined: 02 Feb 2009
Posts: 897

PostPosted: Thu 28 Jan 2010, 18:35    Post_subject:  

nubc wrote:
If you are seeing rogue antivirus popups on Puppy Forums, your [Windoze] computer may have a pre-existing virus infection. You should take serious measures to clean your computer, by which I mean, using an antivirus stronger, more effective than AVG, and a malware remover stronger than Malwarebytes Anti-Malware.

You might not need to go that far. I took at look at the site using Firefox on Windows. As expected, I saw a blank screen. I use the NoScript extension that blocks all scripting activity unless the site being viewed is in a user created whitetlist.

I use Symantec Corporate A/V, and have Malwarebytes anti-malware around, but it never finds anything. I'd be surprised it if it did, since most exploits target IE and bounce off other browsers.
______
Dennis
Back to top
View user's profile Send_private_message 
DMcCunney

Joined: 02 Feb 2009
Posts: 897

PostPosted: Thu 28 Jan 2010, 18:40    Post_subject:  

Flash wrote:
Thanks, DMCunney.
It's still not clear to me how it gets sent to someone's computer. Does it come from the Puppy Linux server or what?

Unlikely. The question is where else people who see this might have visited. There are an assortment of ways to do things like hijack your browser and feed you stuff from unexpected places. Most of them exploit holes in IE and Windows, and bounce off if you run something else. I use Firefox with NoScript under Windows, and don't get bit by that sort of nonsense.

I'd be startled if the Puppy server was hacked and injecting malware.
______
Dennis
Back to top
View user's profile Send_private_message 
Aitch


Joined: 04 Apr 2007
Posts: 6825
Location: Chatham, Kent, UK

PostPosted: Fri 29 Jan 2010, 20:27    Post_subject:  

from my sandboxie in XP/firefox

http://www.mywot.com/en/scorecard/bandstartedsecurity.com

The actual website appears to have been taken down....

Quote:
Server not found

Firefox can't find the server at www.bandstartedsecurity.com.


Absolutely Guaranteed - NOTHING to do with our beloved Puppy forum

just [ Laughing Laughing ] a dangerous exploit site

Aitch Smile
Back to top
View user's profile Send_private_message 
Flash
Official Dog Handler


Joined: 04 May 2005
Posts: 11011
Location: Arizona USA

PostPosted: Fri 29 Jan 2010, 23:33    Post_subject:  

Thanks, Aitch. That's a relief. Smile
Back to top
View user's profile Send_private_message 
ebiker

Joined: 04 Jan 2010
Posts: 7

PostPosted: Sat 30 Jan 2010, 11:56    Post_subject:  

It does appear to be gone. It was very educational for me.

It was fun to play with too.

I have almost no interest in windows anymore. I am a Puppy head now ! ! !

I have not had this much fun learning about computers since my CoCo 6809 OS9 days !

The feeling of having control over my computers has returned ! Very Happy

Thanks, Steve
Back to top
View user's profile Send_private_message 
linuxsansdisquedur


Joined: 13 Jan 2009
Posts: 250
Location: South of France

PostPosted: Mon 22 Feb 2010, 17:29    Post_subject:    

BE CARREFUL SKYNET SLEEP IN PUPPY FORUM...............................................
ANY WINDOWS USER CONNECTED GOTTA BE TERMINATED..........................
USE PUPPY TO PRESERVE HUMANITY...................................................................

_________________
le max avec le min
Back to top
View user's profile Send_private_message 
Aitch


Joined: 04 Apr 2007
Posts: 6825
Location: Chatham, Kent, UK

PostPosted: Mon 22 Feb 2010, 18:31    Post_subject:  

Do we need a Terminator.pet, then? Wink Laughing

Aitch Smile
Back to top
View user's profile Send_private_message 
`f00


Joined: 06 Nov 2008
Posts: 809
Location: the Western Reserve

PostPosted: Tue 23 Feb 2010, 20:03    Post_subject:
Sub_title: mmmJL
 

a True_Lies.sfs would be my choice (i<3levity)
Back to top
View user's profile Send_private_message 
Display_posts:   Sort by:   
Page 1 of 1 Posts_count  
Post_new_topic   Reply_to_topic View_previous_topic :: View_next_topic
 Forum index » Off-Topic Area » Security
Jump to:  

Rules_post_cannot
Rules_reply_cannot
Rules_edit_cannot
Rules_delete_cannot
Rules_vote_cannot
You cannot attach files in this forum
You can download files in this forum


Powered by phpBB © 2001, 2005 phpBB Group
[ Time: 0.0817s ][ Queries: 12 (0.0042s) ][ GZIP on ]