 |
Puppy Linux Discussion Forum Puppy HOME page : puppylinux.com "THE" alternative forum : puppylinux.info
|
FAQ
Search
Memberlist
Usergroups
Register
Profile
Log in to check your private messages
Log in|
The time now is Fri 24 May 2013, 17:19 All times are UTC - 4 |
 Forum index » Off-Topic Area » Security |
|
Possible botnet - received notice from AT&T (SOLVED)
|
 
|
View previous topic :: View next topic |
| Page 1 of 1 [10 Posts] |
| Author | Message | ||||||
|---|---|---|---|---|---|---|---|
yarddog
 Joined: 30 Nov 2009 Posts: 187 Location: Great Smoky Mountains, TN USA |
I received following from my ISP:
i am running puppy 431 full install on sda1, lucid 525 full install on sda2 and dpup 485 full install on sda3 hp pent4, 2.8 ghz, intel 82865g graphics controller, 2gb memory have tried reformatting partitions with gparted and reloading software and still getting this notice from isp use xchat as irc client since i am running linux, i cannot download and run the scan tool that att suggests as it is a .exe file what product(s) are available for me to run in linux to get rid of this problem appreciate any suggestions thanks yarddog Last edited by yarddog on Wed 15 Jun 2011, 00:12; edited 2 times in total |
||||||
|
|||||||
 |
|||||||
James C
 Joined: 26 Mar 2009 Posts: 4742 Location: Kentucky |
I received the same message a couple of times here....it appears to me to be some type of a scam. Just to be safe I did scan my Linux boxes, I use the BitDefender Rescue cd, but didn't find anything out of the norm. http://download.bitdefender.com/rescue_cd/bitdefender-rescue-cd.iso HTH. |
||||||
|
|||||||
|
|||||||
|
yarddog
Joined: 30 Nov 2009 Posts: 187 Location: Great Smoky Mountains, TN USA |
i downloaded the rescue-cd.iso and tried to run i have three linux partitions plus storage partition on hard drive how do i tell bit defender which partition to scan??? i tried to run scan and received many, many permission denied messages appreciate your help thanks yarddog |
||||||
|
|||||||
|
|||||||
Bruce B
 Joined: 18 May 2005 Posts: 10818 Location: The Peoples Republic of California |
Do you have a wireless router someone could be tapped into? ~ _________________ New! Puppy Linux Links Page |
||||||
|
|||||||
|
|||||||
bigpup
 Joined: 11 Oct 2009 Posts: 3687 Location: Charleston S.C. USA |
AT&T does not send out notices like this. This is a scam!! Trying to get you to download and install a botnet or something worse. |
||||||
|
|||||||
|
|||||||
|
Bruce B
Joined: 18 May 2005 Posts: 10818 Location: The Peoples Republic of California |
If you go to the web page, how about telling if you think it is a genuine att.com site? ~ _________________ New! Puppy Linux Links Page |
||||||
|
|||||||
|
|||||||
|
nooby
Joined: 29 Jun 2008 Posts: 9389 Location: SwedenEurope |
Even if it is a genuine site that could still be them using it and them have injected script that take you to their scam site that also looks exactly like the right one. So these guys are very clever. I also are very skeptical to that ATT send out such. Do google search on the text and the url to see if others also has had these warnings. _________________ I'm a noob so I use Google Search of Puppy Forum |
||||||
|
|||||||
|
|||||||
|
yarddog
Joined: 30 Nov 2009 Posts: 187 Location: Great Smoky Mountains, TN USA |
no wireless- dsl cable modem only that is turned off when computer is off yarddog |
||||||
|
|||||||
|
|||||||
|
yarddog
Joined: 30 Nov 2009 Posts: 187 Location: Great Smoky Mountains, TN USA |
looks pretty realistic to me - following is complete message received WARNING NOTICE from AT&T Internet Services Security Center Wednesday, June 1, 2011 11:42 AM From: "AT&T Internet Services Security Center" <abuse@att.net> Add sender to Contacts my email address omitted IMPORTANT COMPUTER SAFETY NOTICE from AT&T Internet Services Security Center -“IRC Traffic Detected” We have evidence which indicates that a computer accessing the Internet via your Internet connection may be infected with malicious software such as a virus or worm. Our investigation shows that the following IP was assigned to your log-on session at the indicated time and was using IRC connections to a computer network which is possibly a Botnet. Date: (UTC) => Your IP: 2011-05-30 22:00:24 => IRC Botnet infected systems commonly send or receive commands that can SPAM email, spread malicious software, and perpetrate identity theft. IRC traffic on ports other than those normally used by IRC can be an indication of backdoor trojans or bots. We realize that in some cases this may be normal activity if you are running an IRC server, but in order to protect yourself and others, we recommend that you scan every system that utilizes your internet connection with up to date Anti-virus software. To address this problem, and in accordance with the terms of service and acceptable use policy of your service agreement, we ask that you immediately take the following steps to secure your network: 1. If your computer(s) are managed by an Information Technology (IT) group at your place of work, then contact them immediately. 2. AT&T offers a free online scan tool PC Health Check that will scan for virus/spyware activity. https://pccheck.att.com/index.aspx?RID=AG 3. If your computer(s) are personally owned, then update the security software on your system (follow the instructions on your vendor's website). You might also consider installing new security software such as AT&T Security Suite. http://www.att.net/iss (You must be logged in with the Master Account ID to download AT&T Security Suite). 4. If you are an advanced user, then consider reimaging your computer(s) and installing the necessary software patches. For less advanced users, this can be done by a third party such as AT&T Connect Tech. https://remotesupport.att.com/index.aspx AT&T Computer consultants trained to clean infected machines might also be located in your area (you can search at yp.com). 5. In all cases, please respond by forwarding this email to: abuse@att.net with an acknowledgment of: "I am taking steps to address this infection." When we receive such an acknowledgment, we can maintain the high quality of service you expect from us. We welcome feedback on what removal tools or method were used. Below are some additional sites you can visit for tools or information: Microsoft Systems Anti-virus: http://www.microsoft.com/security_essentials/ Microsoft Safety Scanner: http://www.microsoft.com/security/scanner/en-us/default.aspx Apple Systems Anti-virus: http://www.apple.com/downloads/macosx/networking_security/avastantivirusmacedition.html We also recommend you run anti-spyware application, like Malwarebytes Anti-Malware or Spybot: http://malwarebytes.org/mbam.php http://www.safer-networking.org/en/index.html Regards, AT&T Internet Services Security Center abuse@att.net SAFETY NOTE: We have included links in this email as a convenience. Please note that it is always safer to copy and paste URLs included in email directly into your browser to reach the referenced site. 85aqb58dd0b15179d86b6b1b5ed5962x i have three email addresses with yahoo.com one is on windows machine two on puppy partitions on different pc 1 email with gmail.com, also on different pc i only get this message to the email account that was set up when dsl modem installed on the windows machine... please note that message indicates possibly coming from irc connection..... i use xchat only and only on linux machines thanks yarddog Last edited by yarddog on Wed 15 Jun 2011, 00:14; edited 1 time in total |
||||||
|
|||||||
|
|||||||
|
yarddog
Joined: 30 Nov 2009 Posts: 187 Location: Great Smoky Mountains, TN USA |
results of search on text - WARNING NOTICE from AT&T Internet Services Security Center- PHISHING EMAIL!!! Options * Report Inappropriate Content 10-22-2010 11:31:39 AM Below is a copy of an email I received from "AT&T Internet Services Security Center" . I was not able to find any posting regarding this and so I called AT&T's internet tech support at 1-877-722-3755 to verify that this is in fact bogus email. Tech support said that: 1) AT&T will never link to third party websites - AT&T links to within their own website; 2) "From" email address is not legit!. I hope this info makes it easier on the next person who tries seaching this subject.....here is the email in it's entirety: see above for complete email thanks for suggestion yarddog |
||||||
|
|||||||
|
|||||||
Possible botnet - received notice from AT&T (SOLVED)
| Page 1 of 1 [10 Posts] |
|
|
View previous topic :: View next topic |
|
Forum index » Off-Topic Area » Security |
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum You cannot attach files in this forum You can download files in this forum |
Powered by phpBB © 2001, 2005 phpBB Group