(old)Puppy Linux Discussion Forum

to answer your questions nooby

>we (mostly he) shared links to gifs, jpegs, and flash
>he does have his own server - he swears by the use of it's vnc passthrough/proxy whatever capabilities and p2p use also
>no I don't log my router's activities (I probably shouldn't be sharing that knowledge I think and should actively log from now on *facepalm*)
>it's all a mystery to me to be honest - how do you get through my router and then my firewall too?

can set up a port .

Example : downloading a directory ( little /etc in this case ) : But until now I was not able to inject a file with scp or curl .

dru5k1,

Do you run samba? If you opened a folder of pictures to share, maybe translating through a samba-network-neighborhood or such it might have set up an environment that let your friend telnet into the "shared" space on your computer. I don't do samba, so I don't know what permissions are granted in puppy folders through it. But if all he managed was to run in a shared folder as a remote computer... That used to be pretty easy to do. I suppose doing something like that could be called a "hack" if done without permission. It's the kind of entry into a shared-files space that would slow your computer. Samba would be attempting to build a GUI to serve to a remote Windows environment. It should have been using a good deal of your cpu and keeping your net-activity blinky alight, with cpu temp and net Tx up.

Thanks Karl for being a CUR
(Puppy spreading Courage Understanding and Reassurance)
rather than a follower of FUD.
Did you 'think of the children'?
http://youtu.be/Qh2sWSVRrmo

That makes perfect sense to me
and also in technical terms seems very easy . . .

Pretty sure I have a static IP address (this is set up by the ISP)
http://whatismyipaddress.com/dynamic-static
Is there an easy way to use a dynamic IP address temporarily
for example if contacting SMERSH (gosh it actually exists)
http://en.wikipedia.org/wiki/SMERSH
or the Linux Users Conspiracy Klub (LUCK)

dru5k1, another question for you: were you running Puppy as root, or as a user with a login at the time your friend broke in?

ok, I was running as root with no samba

just to let you know, I've updated my browser+flash and added
iptables -A INPUT -j DROP
to my /etc/rc.d/rc.firewall script (I figure these are good security measures), also I haven't talked to my friend as much just recently (he was ridding some windows machines of virii last time we spoke), and I haven't had any more intrusions (he just did that for fun, and he'll obviously know that I've got nothing juicy on my computer, so failing aggravating some net-savvy-linuxnet-savvy person I don't see the same incident happening again in the near future *fingers crossed*

(I feel quite confident actually - I asked him to try again, but he declined as he's busy)

looking back over the thread,..

I *wish* I knew how this is done.. as far as I know it costs both money and time to learn though... I'm just an average web browser - it's way out of my league

To reedit up to date.

The guy who vandalized the forum a month or so ago used a TOR (anonymizer) server to hide his true IP address. Is that what you mean?

Someone mentioned GUI being built by SAMBA.

I don't think that is possible in any current SAMBA. So SAMBA exploits merely would let you "see" files in the shared folder if you got desktop/SAMBA access.

The exploit that the OP seemingly referencing is about gaining access to executes some desktop function.

Althought this hack isn't considered a virus, it does constitute an examination of how the system could or would be used, depending on which access ANY user would do.

And, as many people whose eyes and comments we can put on this, should make for a much better solution.

Now, again, knowing what we currently know about Puppy, with/without a F/W, what is running or available to allow and support access over the LAN/WAN???

Hope this helps

Hello,
1. Do you have your firewall on??
2. Do you have any tangible evidence he had access to your system, or did he just slow it down?
3. Would you like to pay him back?

Anyone know if its described somewhere how to properly implement syslog/syslog-ng in a modern PUP?

Thanks in advance

He's a bit of a joking snobby guy, only saying that the my browser was too old

Like he told you, it was probably a browser exploit. Try adding Ad Block Plus and a script stopper/blocker. Check Tuuxxx's Classic Pup 2.14X for a Flash blocker.