Puppy Linux Discussion Forum Forum Index Puppy Linux Discussion Forum
Puppy HOME page : puppylinux.com
"THE" alternative forum : puppylinux.info
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

The time now is Sun 25 Jun 2017, 10:25
All times are UTC - 4
 Forum index » Off-Topic Area » Security
Have you detected any unusual activity lately?
Post new topic   Reply to topic View previous topic :: View next topic
Page 1 of 2 [17 Posts]   Goto page: 1, 2 Next
Author Message
Antipodal

Joined: 26 Mar 2009
Posts: 222
Location: The other side of the world

PostPosted: Sun 09 Apr 2017, 17:55    Post subject:  Have you detected any unusual activity lately?
Subject description: At this forum or at your email related account since Apr 3 2017?
 

I have

I'm currently a bit tense but I will probably give some more information about this question in my next post or in my next edition once I have checked some details.

Thank you
Back to top
View user's profile Send private message 
tlchost

Joined: 05 Aug 2007
Posts: 2048
Location: Baltimore, Maryland USA

PostPosted: Sun 09 Apr 2017, 18:13    Post subject: Re: Have you detected any unusual activity lately?
Subject description: At this forum or at your email related account since Apr 3 2017?
 

Antipodal wrote:
I have

I'm currently a bit tense but I will probably give some more information about this question in my next post or in my next edition once I have checked some details.

Thank you


Wow....aside from email offering to enlarge my breasts, or joining forces with the aliens to take over the planet, it all seems normal. Perhaps if you told us more we might be able to better answer.
Back to top
View user's profile Send private message Visit poster's website 
bigpup


Joined: 11 Oct 2009
Posts: 8803
Location: Charleston S.C. USA

PostPosted: Mon 10 Apr 2017, 01:11    Post subject:  

There always watching me Shocked Exclamation
bulldog.jpg
 Description   
 Filesize   10.92 KB
 Viewed   476 Time(s)

bulldog.jpg


_________________
I have found, in trying to help people, that the things they do not tell you, are usually the clue to solving the problem.
When I was a kid I wanted to be older.... This is not what I expected Shocked
Back to top
View user's profile Send private message 
musher0


Joined: 04 Jan 2009
Posts: 10316
Location: Gatineau (Qc), Canada

PostPosted: Mon 10 Apr 2017, 03:27    Post subject:  

Hello Antipodal.

Not in this forum, and not in my email, no.

But Spring has arrived a bit earlier in these parts! Some birds, some Canadian
geese are already back. That's unusual, overall!

BFN. Wink

_________________
musher0
~~~~~~~~~~
« Un insensé sur le trône n'est qu'un singe sur le haut d'un toit. » / "A madman
on the throne is just a monkey on top of a roof." (Bernard de Clervaux)
Back to top
View user's profile Send private message 
greengeek


Joined: 20 Jul 2010
Posts: 4583
Location: New Zealand

PostPosted: Mon 10 Apr 2017, 03:48    Post subject: Re: Have you detected any unusual activity lately?
Subject description: At this forum or at your email related account since Apr 3 2017?
 

Antipodal wrote:
Re: Have you detected any unusual activity lately?
I have
At this forum or at your email related account since Apr 3 2017?

I'm currently a bit tense but I will probably give some more information about this question in my next post or in my next edition once I have checked some details.
Yes - I find that I get bursts of interference from time to time. Sometimes it seems to follow visiting certain websites and sometimes it comes out of the blue. With regard to email I sometimes find that I get a lot of "false emails" for a few days - emails that look as if they come from friends or websites I subscribe to, but there are clues that they are just spam or clickbait - things like email address not matching domains I know, or failing to match the senders nick.

Sometimes these intrusion attempts via email are quite clever - mimicking people I know, but triggering my fastmail phishing alarm as the actual domain does not match the visible domain.

I suspect that some of these could be malware infections in my friends computers, but occasionally it appears to be spam generated by Facebook etc in "the name of" one of my friends. To be fair, facebook assumes the right to contact "friends" and send emails on their behalf (as part of their terms and conditions) so you have to be careful who you blame.

Other than that I have recently been getting a lot of circumstances where my router appears to kick me off the internet but i still see the Tx counter increment and see the wifi icon flash green intermittently. How can the TX counter increase if you are not on the internet? There's no one else on my home network when it happens. Disconnecting from the network and reconnecting brings things back to normal. Could just be a router fault but it's been stable until a couple of weeks ago...
Back to top
View user's profile Send private message 
musher0


Joined: 04 Jan 2009
Posts: 10316
Location: Gatineau (Qc), Canada

PostPosted: Mon 10 Apr 2017, 09:40    Post subject:  

Joke aside, do you mean solar activity amd cosmic rays emitted by the Sun,
which can disrupt satellite transmissions and electrical networks?

You can go have a look at http://spaceweather.com.

_________________
musher0
~~~~~~~~~~
« Un insensé sur le trône n'est qu'un singe sur le haut d'un toit. » / "A madman
on the throne is just a monkey on top of a roof." (Bernard de Clervaux)

Last edited by musher0 on Mon 10 Apr 2017, 11:20; edited 1 time in total
Back to top
View user's profile Send private message 
Sailor Enceladus

Joined: 22 Feb 2016
Posts: 1159

PostPosted: Mon 10 Apr 2017, 11:14    Post subject:  

@Antipodal: Are you using FIrefox 52? If you get weird security message on login with it, check out this post:
http://www.murga-linux.com/puppy/viewtopic.php?p=949918#949918
Back to top
View user's profile Send private message 
perdido


Joined: 09 Dec 2013
Posts: 486
Location: Altair IV , Just north of Eeyore Junction.

PostPosted: Mon 10 Apr 2017, 16:43    Post subject:  

bigpup wrote:
There always watching me Shocked Exclamation


               
                                     

_________________
.
Back to top
View user's profile Send private message 
Antipodal

Joined: 26 Mar 2009
Posts: 222
Location: The other side of the world

PostPosted: Mon 10 Apr 2017, 17:06    Post subject:  

Hello members of the kennel!
Some of your comments were really funny and made me laugh a lot!!
I have read greengeeks post and I think that what happened to me is related in some way with what he describes as "false emails" in his first and second paragraph.
Regarding Sailor Enceladus' comment, before reading his link I will have to check which version I was using at the time the abnormalities emerged because as you will deduct from my message I have used many browsers and versions in these last 3 months.

I would have liked to be concise but I couldn't avoid going into details while I was recovering from the most unusual experience I had ever lived in this forum before.
This is what I wrote during my recovery hours (you can always skip the details):

I think the abnormalities I detected are - in some way - related to my research about teaming up my Puppies with PGP/GPG,
I have been twice interested in this subject.
The first time occurred when I wrote this post and after reading the whole thread vainly tried to use the tools that were mentioned there. Fortunately I solved that problem with another tool and tagged the thread as "solved".

The second time was on last December when I thought it would be nice to download a program for schools and learning environments whose download guide recommended a signature verification of the ISO image file using GPG.

At that time I thought that if I could use GPG to encrypt and decrypt I would also be able to verify the ISO image file. And because more than 2 years ago I had failed with my previous attempt, I jumped into a related thread and with the data provided by rockedge I resumed my attempts but failed once more.

That's why almost three months later I began this thread.But as you can see my request wasn't very successful.

I wasn't sure if I should ask the community why the reaction to it had been so far from what I had expected.

While I was thinking that up, I resumed my lonely research.

On Saturday 8 April 03:00 UTC after having failed in launching the Enigmail Wizard as recommended by Step 2A of this guide and after a IRC-Freenode-GPG channel talk with someone there, I saw a "New Private Message" notification on my "Inbox" tab on Thunderbird. Though I was very tired and really thought I needed some sleep I decided to click on the link that was written on that email as I usually do in those circumstances. I was hoping to find some help regarding the Tahrpup-PGP teaming issue.

I was not surprised when a little window announced it was impossible to access Murga’s forum because Firefox had collapsed, since the same thing had happened in other circumstances, when leaving the email client to get into the browser. In those cases I had solved the problem closing and/or killing all the opened windows and accessing the browser through its icon in the desktop or in the left corner of the tray.

So I carried on with that process and solved the problem. But when I tried to log into the forum I received another advice saying (I cant' remember exactly) I couldn't (or I shouldn't) log into the forum. I solved that by shutting down Tahr and restoring it from the original tahr-6.0.5-PAE.iso CD I had burned on March 2016 and trying to log in again.

I succeeded, and using PailMoon as a browser I loged directly into the PM section but to my surprise there wasn't a new message there. I then went to the thread that is obsessing me but nothing had changed there either.

I was puzzled (and as I said before, tired) but before login out I decided to take a look at the index. A new message had entered the House Training - Beginners Help (Start here) subforum precisely at that time and I couldn't understand its title so I clicked on it and saw the most extensive and compact original post I have ever seen in my life... but it was full of incoherent and disconnected sentences. The original poster had a username that I think began with Andrew and ended with some other 10 letters I can't recall now. To my surprise I discovered the three following subforums (Users[For the regulars], HOWTO[Solutions] and BUGS[Submit bugs]) had received almost at the same time, posts with the same signature and of the same sort.

But the biggest surprise took place when after checking the content of the post that had arrived to the BUGS[Submit bugs] subforum I discovered that new abnormal posts were arriving at the same four subforums with the only difference that the signature now belonged to someone whose username began with something like "jake"

The bottom right corner of my screen said it was Saturday 8 April and the time was about 03:UTC and while I was shutting down my computer and disconnecting my modem and router from the Internet the only thing I could think about was that Flash, Ian and JohnMurga would have a lot of unusual work to do that Saturday.

I will come back with more strange things I discovered in the forum and in my email related account after sleeping for at least 6 hours.

Goodbye and thank you for your time.

_________________
Posting from a P4 3Ghz_ASUS P5G41T-M LX3_2G RAM_DVD Write desktop with no internal HDD
Saving my stuff on small flash sticks and in external USB HDD
Back to top
View user's profile Send private message 
Semme


Joined: 07 Aug 2011
Posts: 7775
Location: World_Hub

PostPosted: Mon 10 Apr 2017, 17:59    Post subject:  

Look familiar?
Quote:
You have received a new private message to your account on "Puppy Linux Discussion Forum" and you have requested that you be notified on this event. You can view your new message by clicking on the following link:

http://www.murga-linux.com/puppy/privmsg.php?folder=inbox

There's nothing to read if the sender deletes their "outbox" copy before you reach your inbox.

Make sense? Perfect. It's how this boards phpBB works.

_________________
>>> Living with the immediacy of death helps you sort out your priorities. It helps you live a life less trivial <<<
Back to top
View user's profile Send private message 
Makoto


Joined: 03 Sep 2009
Posts: 2059
Location: Out wandering... maybe.

PostPosted: Tue 11 Apr 2017, 02:13    Post subject:  

Antipodal wrote:
I was puzzled (and as I said before, tired) but before login out I decided to take a look at the index. A new message had entered the House Training - Beginners Help (Start here) subforum precisely at that time and I couldn't understand its title so I clicked on it and saw the most extensive and compact original post I have ever seen in my life... but it was full of incoherent and disconnected sentences. The original poster had a username that I think began with Andrew and ended with some other 10 letters I can't recall now. To my surprise I discovered the three following subforums (Users[For the regulars], HOWTO[Solutions] and BUGS[Submit bugs]) had received almost at the same time, posts with the same signature and of the same sort.

But the biggest surprise took place when after checking the content of the post that had arrived to the BUGS[Submit bugs] subforum I discovered that new abnormal posts were arriving at the same four subforums with the only difference that the signature now belonged to someone whose username began with something like "jake"


Those were spam posts - four from "Andrewfarrell," and four from "jakediekman", in a short period of time, most likely the same spambot using two different aliases. The posts were removed.

_________________
[ Puppy 4.3.1 JP, Frugal install | 1GB RAM | 1.3GB swap ] * [ Puppy Precise 5.7.1 JP, Frugal install ]
In memory of our beloved American Eskimo puppy (1995-2010) and black Lab puppy (1997-2011).
Back to top
View user's profile Send private message 
Antipodal

Joined: 26 Mar 2009
Posts: 222
Location: The other side of the world

PostPosted: Tue 11 Apr 2017, 09:49    Post subject:  

Thank you for these two last posts!
Semme's post makes sense and points out a possibility (that due to my lack of knowledge about these things) I hadn't thought about.
Makoto's post reveals accurately the aliases that were used and confirms what I saw.

Knowing who removed those posts would help in understanding what happened that Saturday 08 April 2017 ±03:00 UTC

Is anyone else willing to help?


-----------------------
Posting from a P4 3Ghz_ASUS P5G41T-M LX3_2G RAM_DVD Write desktop with no internal HDD
Saving my stuff on small flash sticks and in external USB HDD
Back to top
View user's profile Send private message 
musher0


Joined: 04 Jan 2009
Posts: 10316
Location: Gatineau (Qc), Canada

PostPosted: Tue 11 Apr 2017, 10:54    Post subject:  

Antipodal wrote:
(...)
Knowing who removed those posts would help in understanding what
happened that Saturday 08 April 2017 ±03:00 UTC

(...)
Hello Antipodal.

The forum moderators (John_Murga, Flash, and a couple of others) have
the level of permission necessary to remove such posts.

You or I can't do anything on them directly, except report them in the
Spam Section of the forum. When the moderator sees your post there and
your report is justified, it usually doesn't take long before the offensive
message gets removed.

BTW, why do you ask? You're completely new to forums, eh?

IHTH.

_________________
musher0
~~~~~~~~~~
« Un insensé sur le trône n'est qu'un singe sur le haut d'un toit. » / "A madman
on the throne is just a monkey on top of a roof." (Bernard de Clervaux)
Back to top
View user's profile Send private message 
Antipodal

Joined: 26 Mar 2009
Posts: 222
Location: The other side of the world

PostPosted: Thu 13 Apr 2017, 14:26    Post subject:  

Hello musher0
During these last days I have been extremely busy or extremely sleepy.
But I always kept in mind I should answer your friendly message as soon as I could and I'm now here to thank you for it.
You wrote:
The forum moderators (John_Murga, Flash, and a couple of others) have
the level of permission necessary to remove such posts.
I always thought John Murga, Flash and Ian were the only ones with the necessary level of permission necessary to remove posts.
I don't recall having heard that someone else had those permissions too.
You wrote:
You or I can't do anything on them directly, except report them in the
Spam Section of the forum. When the moderator sees your post there and
your report is justified, it usually doesn't take long before the offensive
message gets removed.
Yes. I was aware of that.
You wrote:
BTW, why do you ask?
Probably for the same reasons that you do. We both seem to have inquisitive minds and like to know why things happen.
Before Semme and Makoto's messages my reasoning was that there were good chances I would have received a phishing email and I would have entered into a fake forum.
Semme's message made me slightly reduce the phishing chances.
Makoto's message significantly reduced the fake forum chances.
Currently I think the chances of a fake forum would be completely ruled out if those who have permissions for removing posts acknowledge having removed the posts Makoto and I saw.
If they don't, I believe there are still small chances that Makoto and I were phished into a fake forum.
Right?
Please, keep in mind that what precedes were/are the thoughts of a digital illiterate who welcomes critics and comments.
You wrote:
You're completely new to forums, eh?
This is the forum where I have been more active in my whole life.
I must have distributed much less than the same number of messages I have posted here among no more than ten other forums.

I also HTH

Long live Puppy lovers! Smile
Back to top
View user's profile Send private message 
Makoto


Joined: 03 Sep 2009
Posts: 2059
Location: Out wandering... maybe.

PostPosted: Fri 14 Apr 2017, 02:31    Post subject:  

I'm not sure, offhand, how you would come to the conclusion you were at risk of being phished, or on a fake forum, from a small handful of fake posts from two specific "users." The posts were among standard spambot fare; their only purpose is to get the links out there for the search engines to index, so to that end, it doesn't matter to the spammers/bots if they're buried in quotes taken from actual posts on the forum, pure gibberish, foreign languages, etc.
_________________
[ Puppy 4.3.1 JP, Frugal install | 1GB RAM | 1.3GB swap ] * [ Puppy Precise 5.7.1 JP, Frugal install ]
In memory of our beloved American Eskimo puppy (1995-2010) and black Lab puppy (1997-2011).
Back to top
View user's profile Send private message 
Display posts from previous:   Sort by:   
Page 1 of 2 [17 Posts]   Goto page: 1, 2 Next
Post new topic   Reply to topic View previous topic :: View next topic
 Forum index » Off-Topic Area » Security
Jump to:  

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Powered by phpBB © 2001, 2005 phpBB Group
[ Time: 0.0768s ][ Queries: 14 (0.0051s) ][ GZIP on ]