(old)Puppy Linux Discussion Forum

Hi all

I may have discovered a virus

Have just booted from an unaltered 053 spup iso (totally in ram) checked ip info and my computer was connected to an unknown ip address 174.143.142.58

ran it through domain dossier and it came back as lvs-vip.mhtx.net
which it traced to godaddy.com

Has anyone else seen this? and how would I find the program which instigated the connection?

cheers

stripe

tried it with a 511 lucid cd (again in ram) and got the same results

We have many threads about this phenomena.

Try this in a regular google search box.

puppy 174.143.

the reason I don't search the whole number is due to him changing it a bit now and then. You get more threads if you are more general in the search keywords.

I don't know what it is either but those who do know seems not concerned about it and some even tease us who where concerned.

My wild guess is that some script use it to check that the internet really are working and one way of doing it is to ping a known server that one trust are 100% up.

His server maybe is one of several such used for that purpose.

Some maybe use a google server or his is a google server. I only guess.

Read those threads and tell me if I should be concerned or relaxed about it.

I have given up on it.

Stripe

This thread may be of interest.

Cheers

Thanks Micko, even I had a fearful outburst on that thread.

But I still fail to get it. Hopefully our OP get what it is about.

Thanks nooby and mick

I tend to border on the paranoid as well

cheers

stripe

As the saying goes: "Better Safe than Sorrow!"

So we should be cautious. I just wonder what my Bank says about me being Root when logging into them? Okay I use a little Gadget they sent me that is for security but still the Ubuntu fans tells us all the time that one need to be a restricted user.

Yes but I fail to be one- Have tried many times but Ubuntu fails to see the HDD it only see what the User are allowed to see.

And when I tell the Ubuntu or Mint folks that I want to use it in frugal install they tell me to go to Puppy Forum and ask here instead, they don't do frugal installs.

Hi Stripe,

take a look at /usr/sbin/ipinfo. Inside the script is the following line. This makes the connection to the IP 174.143.142.58. This URL is supposed to reply with your external IP which is shown in the IP-INFO dialog on the 1st tab.

If you delete this line then the connection is gone when you open IP-INFO.

Hope that helps to get you in a more relaxed state.

MZ

Thanks MZ

you have saved me a lot of time and worry, (thats if I ever would have found it )

now I know what it is and what it does I am not worried

Thanks again

Stripe

Typically, the problem lies in the browser, which virus writers know is the weakest point in the system. You can probably prevent infection by using the add-on AdBlockPlus on your (mozilla) browser.

Error: SQL requests not achieved

please delete

please delete

please delete

please delete

One of the WiFi utilities in Puppy pings Google to test for connection to the Internet.

Barry's original and Dougal's utility did not do this. Is this the source of the problem?

The point about icanhazip is that it reports your external address to the internet, not the address of your PC. So if you are going through a router/NAT box etc you may not know what your external address is.

stripe/everyone

I've seen this before

icanhazip is an IP utility

simply check it yourself, it gives your outfacing IP address

http://icanhazip.com/

created by rackerhacker

http://rackerhacker.com/2009/07/31/get- ... hazip-com/

now widely used

Aitch

Thanks everybody

I am not worried at all since MZ explained it, I would rather icanhazip was pinged rather than google lol

Cheers

Stripe

If you have questions about icanhazip.com, just let me know. I'm the one who maintains it and foots the bill.

rackerhacker,
nice to see you

icanhazip_in_puppy