Hi all
I may have discovered a virus
Have just booted from an unaltered 053 spup iso (totally in ram) checked ip info and my computer was connected to an unknown ip address 174.143.142.58
ran it through domain dossier and it came back as lvs-vip.mhtx.net
which it traced to godaddy.com
Has anyone else seen this? and how would I find the program which instigated the connection?
cheers
stripe
tried it with a 511 lucid cd (again in ram) and got the same results
Possible virus in Puppy iso? (sorted)
Possible virus in Puppy iso? (sorted)
Last edited by Stripe on Thu 06 Jan 2011, 23:09, edited 1 time in total.
We have many threads about this phenomena.
Try this in a regular google search box.
puppy 174.143.
the reason I don't search the whole number is due to him changing it a bit now and then. You get more threads if you are more general in the search keywords.
I don't know what it is either but those who do know seems not concerned about it and some even tease us who where concerned.
My wild guess is that some script use it to check that the internet really are working and one way of doing it is to ping a known server that one trust are 100% up.
His server maybe is one of several such used for that purpose.
Some maybe use a google server or his is a google server. I only guess.
Read those threads and tell me if I should be concerned or relaxed about it.
I have given up on it.
Try this in a regular google search box.
puppy 174.143.
the reason I don't search the whole number is due to him changing it a bit now and then. You get more threads if you are more general in the search keywords.
I don't know what it is either but those who do know seems not concerned about it and some even tease us who where concerned.
My wild guess is that some script use it to check that the internet really are working and one way of doing it is to ping a known server that one trust are 100% up.
His server maybe is one of several such used for that purpose.
Some maybe use a google server or his is a google server. I only guess.
Read those threads and tell me if I should be concerned or relaxed about it.
I have given up on it.
I use Google Search on Puppy Forum
not an ideal solution though
not an ideal solution though
As the saying goes: "Better Safe than Sorrow!"
So we should be cautious. I just wonder what my Bank says about me being Root when logging into them? Okay I use a little Gadget they sent me that is for security but still the Ubuntu fans tells us all the time that one need to be a restricted user.
Yes but I fail to be one- Have tried many times but Ubuntu fails to see the HDD it only see what the User are allowed to see.
And when I tell the Ubuntu or Mint folks that I want to use it in frugal install they tell me to go to Puppy Forum and ask here instead, they don't do frugal installs.
So we should be cautious. I just wonder what my Bank says about me being Root when logging into them? Okay I use a little Gadget they sent me that is for security but still the Ubuntu fans tells us all the time that one need to be a restricted user.
Yes but I fail to be one- Have tried many times but Ubuntu fails to see the HDD it only see what the User are allowed to see.
And when I tell the Ubuntu or Mint folks that I want to use it in frugal install they tell me to go to Puppy Forum and ask here instead, they don't do frugal installs.
I use Google Search on Puppy Forum
not an ideal solution though
not an ideal solution though
-
MagicZaurus
- Posts: 107
- Joined: Mon 05 Jan 2009, 17:35
It's not a virus it's a feature
Hi Stripe,
take a look at /usr/sbin/ipinfo. Inside the script is the following line.
This makes the connection to the IP 174.143.142.58. This URL is supposed to reply with your external IP which is shown in the IP-INFO dialog on the 1st tab.
If you delete this line then the connection is gone when you open IP-INFO.
Hope that helps to get you in a more relaxed state.
MZ
take a look at /usr/sbin/ipinfo. Inside the script is the following line.
Code: Select all
var0="`wget -O - -q icanhazip.com`"If you delete this line then the connection is gone when you open IP-INFO.
Hope that helps to get you in a more relaxed state.
MZ
WiFi utility
One of the WiFi utilities in Puppy pings Google to test for connection to the Internet.
Barry's original and Dougal's utility did not do this. Is this the source of the problem?
The point about icanhazip is that it reports your external address to the internet, not the address of your PC. So if you are going through a router/NAT box etc you may not know what your external address is.
Barry's original and Dougal's utility did not do this. Is this the source of the problem?
The point about icanhazip is that it reports your external address to the internet, not the address of your PC. So if you are going through a router/NAT box etc you may not know what your external address is.
stripe/everyone
I've seen this before
icanhazip is an IP utility
simply check it yourself, it gives your outfacing IP address
http://icanhazip.com/
created by rackerhacker
http://rackerhacker.com/2009/07/31/get- ... hazip-com/
now widely used
Aitch
I've seen this before
icanhazip is an IP utility
simply check it yourself, it gives your outfacing IP address
http://icanhazip.com/
created by rackerhacker
http://rackerhacker.com/2009/07/31/get- ... hazip-com/
now widely used
Aitch
-
rackerhacker
- Posts: 7
- Joined: Sat 04 Aug 2012, 20:21
- Contact:
-
L18L
- Posts: 3479
- Joined: Sat 19 Jun 2010, 18:56
- Location: www.eussenheim.de/
