Puppy 5.1 hacked into remotely?
to answer your questions nooby
>we (mostly he) shared links to gifs, jpegs, and flash
>he does have his own server - he swears by the use of its vnc passthrough/proxy whatever capabilities and p2p use also
>no I don't log my router's activities (I probably shouldn't be sharing that knowledge I think and should actively log from now on *facepalm*)
>it's all a mystery to me to be honest - how do you get through my router and then my firewall too?
Code:
busybox-1.18.3 tcpsvd -v 127.0.0.1 100 busybox-1.18.3 ftpd /
Example : downloading a directory ( little /etc in this case ) :
Code:
cd /mnt/sda9/wget
wget -rv ftp://127.0.0.1:100/etc
dru5k1,
Do you run samba? If you opened a folder of pictures to share, maybe translating through a samba-network-neighborhood or such it might have set up an environment that let your friend telnet into the "shared" space on your computer. I don't do samba, so I don't know what permissions are granted in puppy folders through it. But if all he managed was to run in a shared folder as a remote computer... That used to be pretty easy to do. I suppose doing something like that could be called a "hack" if done without permission. It's the kind of entry into a shared-files space that would slow your computer. Samba would be attempting to build a GUI to serve to a remote Windows environment. It should have been using a good deal of your cpu and keeping your net-activity blinky alight, with cpu temp and net Tx up.
- Lobster
Thanks Karl for being a CUR
(Puppy spreading Courage Understanding and Reassurance)
rather than a follower of FUD.
Did you 'think of the children'?
http://youtu.be/Qh2sWSVRrmo
That makes perfect sense to me
and also in technical terms seems very easy . . .
Pretty sure I have a static IP address (this is set up by the ISP)
http://whatismyipaddress.com/dynamic-static
Is there an easy way to use a dynamic IP address temporarily
for example if contacting SMERSH (gosh it actually exists)
http://en.wikipedia.org/wiki/SMERSH
or the Linux Users Conspiracy Klub (LUCK)
ok, I was running as root with no samba
just to let you know, I've updated my browser+flash and added
iptables -A INPUT -j DROP
to my /etc/rc.d/rc.firewall script (I figure these are good security measures), also I haven't talked to my friend as much just recently (he was ridding some windows machines of virii last time we spoke), and I haven't had any more intrusions (he just did that for fun, and he'll obviously know that I've got nothing juicy on my computer, so failing aggravating some net-savvy-linuxnet-savvy person I don't see the same incident happening again in the near future *fingers crossed*
(I feel quite confident actually - I asked him to try again, but he declined as he's busy)
This Exploit should be examined by looking at our own PUPs
Someone mentioned GUI being built by SAMBA.
I don't think that is possible in any current SAMBA. So SAMBA exploits merely would let you "see" files in the shared folder if you got desktop/SAMBA access.
The exploit that the OP is seemingly referencing is about gaining access to execute some desktop function.
Although this hack isn't considered a virus, it does constitute an examination of how the system could or would be used, depending on which access ANY user would do.
And as many eyes and comments as we can put on this should make for a much better solution.
Now, again, knowing what we currently know about Puppy, with/without a F/W, what is running or available to allow and support access over the LAN/WAN???
Hope this helps
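One way to answer the "what is running or available to allow access over the LAN/WAN" question above, as an added example that is not part of any poster's message: a POSIX shell function that reads `/proc/net/tcp`-format text, keeps sockets in LISTEN state, and labels each as loopback-only or reachable from the network. The sample table is constructed (its first row mirrors the `tcpsvd ... 127.0.0.1 100` listener from earlier in the thread), the function names are hypothetical, and only IPv4 TCP is covered (not `/proc/net/tcp6` or UDP).

```shell
#!/bin/sh
# Added example: classify TCP listeners from /proc/net/tcp-format text.

# Constructed sample in /proc/net/tcp layout, not captured from a real machine.
sample_proc_net_tcp() {
cat <<'EOF'
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 0100007F:0064 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 1001 1
   1: 00000000:0016 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 1002 1
   2: 0201A8C0:D2A4 0A00A8C0:01BB 01 00000000:00000000 00:00000000 00000000     0        0 1003 1
   3: 0201A8C0:1F90 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 1004 1
EOF
}

# Reads the table on stdin, prints "ip:port scope" for every LISTEN socket.
list_listeners() {
    while read -r sl local rem st rest; do
        # State 0A is TCP_LISTEN; this also skips the header line.
        [ "$st" = "0A" ] || continue
        hexip=${local%:*}
        hexport=${local#*:}
        # The IPv4 address is printed as a little-endian 32-bit hex word,
        # so the last hex pair is the first octet.
        a=${hexip%??????}
        t=${hexip#??};   b=${t%????}
        t=${hexip#????}; c=${t%??}
        d=${hexip#??????}
        ip="$((0x$d)).$((0x$c)).$((0x$b)).$((0x$a))"
        port=$((0x$hexport))
        case "$ip" in
            127.*)   scope=loopback-only ;;     # local processes only
            0.0.0.0) scope=all-interfaces ;;    # reachable on every interface
            *)       scope=single-interface ;;  # reachable via that address
        esac
        printf '%s:%s %s\n' "$ip" "$port" "$scope"
    done
}

# Demo on the sample; on a live system run: list_listeners < /proc/net/tcp
sample_proc_net_tcp | list_listeners
```

Anything not marked loopback-only is what a firewall rule or router port-forward has to account for.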
Hello,
1. Do you have your firewall on??
2. Do you have any tangible evidence he had access to your system, or did he just slow it down?
3. Would you like to pay him back?
Close the Windows, and open your eyes, to a whole new world
I am Lead Dog of the
Puppy Linux Users Group on Facebook
Join us!
Puppy since 2.15CE...
Syslog/Syslogd/syslog-ng
Anyone know if it's described somewhere how to properly implement syslog/syslog-ng in a modern PUP?
Thanks in advance