Posted: Thu 14 Jul 2011, 00:09
dru5k1,
I don't know if the server that auto-connected, or if where the pinging was directed from was .gov. I assumed the pinging was of WikiLeaks, since it was being attacked then. I assumed a government or enforcement entity directing, but would assume that whoever it was they were .com, since the most common is the best cover, and DoS attacking is not something I would do from home if I was a .gov. When PayPal and others who irritated WikiLeaks supporters were attacked by radicals I booted the same system again and had no activity, except the "testing", which I assume to be notifying, or merely recording for statistics, if I had no flags, that my MAC was connected to the web.
The Lighthouse I used was not remastered. On this computer I run all sorts of puppies, whatever I download to try. I launch to net through open networks, some I know to be nosey, some of whose noses I sometimes deliberately tweak, to see who, or what, try what to roust data, operate something, run a program or proposition the computer. I do this for fun, to see how insecure the web can be for a normal user using puppy. I am not interested in stopping things, I am interested in what can get in, how and by what means. My interest is if there is any way for the common user to be secure and connected to the web. I give government and law enforcement a hard time when I see them part of the problem, because they are supposed to be protecting the innocent, not victimizing them, too.
In the DoS incident I did three evolutions to define generally where the exploiting was from. The first was when I noticed, with the existing pup-save. I then wiped the pup-save, which was then built new by the main sfs. Then I booted in ram with no pup-save. I then grabbed my bag of start disks and booted other puppies I had frugal-installed on the machine, to see if they did the same. I suspect a hole in Firefox, and I suspect a government-connected entity because the browser was writing out to a web location. Stock browsers that do this tend to write to "Colonel Hassan", or "Major Harris" or some or another such for "connection test", the site being one "every browser uses to test" because it is "left over from DARPA", has "a 99.999% up-time" (and so is always there), or some such, I suspect to record there the MAC and time and place. A browser really needs test only to the computer's router, since it's the router, not the browser that connects beyond. As about any air-cracking addict can tell you, there ain't many routers that are anyhow secure.
Nooby and dru5k1,
Note that my recipe for "securing" root by moving it into spot is a puppy-virus recipe. It is fun in puppy because it does no serious harm (though you should do it on a frugal-installed puppy you don't have personal files in, just in case). It isn't a cure for anything, except maybe acute boredom. Computer programs find things they need by following paths to them. Putting root in spot removes root from the path programs follow to find it. Coming to a dead-end a program stalls. This effectively kills the running puppy. This does no harm with puppy because the running puppy is a copy. It is a clone of the puppy main sfs modified per white and black lists and additional instructions, and files, in the pup-save, and additional sfs's added on startup.
Basically all my "puppy-virus" does is illustrate and demonstrate the puppy structure that makes puppy root secure and provides puppy's first line of security against infections. To bring LPS into the discussion, for a nod to the thread, this first-line defense is the same that LPS uses (which LPS almost certainly has from puppy, which is famous for it, via GPL).
The means to "propagate" the "virus", moving root to spot to make root secure, is for fun. It is one of those "too good to be true" things, "so easy why didn't the experts ever think of it?" Because they are fun I like to think of these things.
Caveats: Because I have never full-install installed a puppy I don't know if the virus works the same, or messes things up in a full install. Also, I don't know if a puppy that saves to USB periodically will always fail to save the root-in-spot configuration to its pup-save. If your puppy does not restart normally, reboot in ram, mount the pup-save, move personal files out to /mnt/home, then mouse draw to compass all files in the pup-save, quiet-delete all, close the empty window, unmount the pup-save (by left-clicking on it), then reboot the computer, not saving your ram session. When the puppy main sfs re-populates the pup-save you can customize it again and move your personal files from /mnt/home back in.